The latest and most damaging attacks, which have supposedly originated in Ukraine, are said to be using a variant of the code “Eternal Blue,” which reportedly was stolen from the National Security Agency (NSA). This malware was allegedly designed to take control over or destroy computers running an older Microsoft Windows program without leaving any known detectable trace. A demand for a ransom of $300 in Bitcoins appears on the screen, but paying the ransom, as was done with last month’s WannaCry attack, does not guarantee the computer hard-drive was not corrupted. The special features of this cyber-weapon allow it to access all your information, including whatever has been stored on a cloud.
The ongoing attack, dubbed Petya or GoldenEye (apparently named after the 1995 Ian Fleming-inspired James Bond film of the same name), has shut down the computers of large domestic and international corporations around the world, including the second largest pharma company in the U.S., Merck; Russia’s largest oil company, Rosneft; Ukraine’s state power distribution company; and airports, transportation companies, banks and hospitals.
GoldenEye is also wreaking havoc in the operations of the world’s biggest cargo and freight carrier company, the Danish Maersk Line, which operates 590 containers from 374 offices around the world. “Last year Maersk shipped approximately 12 million containers around the globe, making 46,000 port calls in 343 ports in 121 countries.” Delays in arrival and departure of Maersk container ships are also disrupting ground transportation and have already upset delivery of products. The longer the computers are down, the greater the confusion and damages.
The more attacks, the more advice from cyber security companies can be found online – if you can turn on your computer. The more attacks, the larger the budgets allocated to future attacks. But as we are witnessing, again and again, the majority of cybersecurity advisors seem to be lagging behind, unable to prevent the next attack.
Golan Ben-Oni, the CIO at IDT, the New Jersey-based international telecommunication company, seems to have been the first to identify the footprints of GoldenEye, the current cyber-weapon, last April. “The World isn’t ready” for this kind of cyber attack, Mr. Ben-Oni warned in the New York Times. “Time is burning…This is really a war,” he said. And five days after the paper ran his story, the world was hit with “GoldenEye.” Alas, the prevailing attitude, especially in the U.S., seems to reject the notion of preparing for the unknown.
The damage and cost of recovering from attacks, even those less destructive than GoldenEye, are impossible to measure, if only because there are so many cumulative, unknown and hidden elements that are difficult to track.
Ian Fleming, the former British naval intelligence officer, realized early on that the capability to launch modern warfare is not limited to nations, but that well-funded rogue individuals or groups have the potential to launch devastating attacks on whichever target they choose, the kind his hero, Bond, succeeded in defeating.
Today’s cyber warfare, as Fleming predicted seven decades ago, is not limited to nations. Chinese, Russian, Iranian and North Korean hackers sometimes compete with and sometimes are joined by global criminal and terrorist groups. All these perpetrators are sometimes assisted by rogue insiders who are willing to sell out their nation’s or employer’s secrets.
A 2017 Cybersecurity Trends Report, which surveyed more than 1,900 cybersecurity professionals, “reveals that organizations are struggling with a worsening cyber skill shortage while facing rising threat levels,” according to Holger Schulze, founder of the 350,000-member Information Security Community on LinkedIn. Schulze also noted, “The good news is that budgets are increasing for many organizations to invest in security training, outsourced security services, and cyber security technologies.” However, outsourcing cyber operations, by the NSA as well as others, has caused untold danger to U.S. national security and caused large losses to many industries, including banks and financial institutions.
On Monday, hours before the GoldenEye attack spread, the White House’s new cybersecurity coordinator, Rob Joyce, told the 7th Annual International Cybersecurity Conference at Tel Aviv University, in Israel, “We can’t protect against what we don’t understand.” He went on to say, “We need to figure out a deterrence model of how to impose costs on other nations so that they cannot achieve their desired outcomes.”
Israel’s attitude to cyber attacks seems less diplomatic. Nadav Argaman, the head of Israel’s national security agency, the Shin Bet, did not mince his words: “Our defense does not recognize any borders… We follow threats everywhere… We connect the cyber and the physical world. We do not just wait to get hacked. We go aggressively after hackers to get them before they attack.”
President Trump’s May 11, 2017, executive order calls for “a comprehensive review of the federal government’s cybersecurity risk management policies and procedures,” and for ensuring the adequacy of the federal cybersecurity support given to the critical infrastructure, especially the electric grid.
The cyber security industry should live up to its promise and develop better methods to ensure greater security by extreme vetting of employees, limiting outsourcing, constantly updating and patching holes in existing programs, and investing in sources that could keep them secure.
Meanwhile, Congress should adopt policies that will help secure the nation’s cyber communications, which remained vulnerable under the Obama administration. Proper policies to protect, prevent and deter cyber warfare must be adopted and implemented real soon. Without them, the country’s communication-based industries and everything wireless we use and are dependent on could be paralyzed and bring the U.S. to a screeching halt.