DANGER AHEAD:
Cyber Hacking On The Rise
Colonial Pipeline was hit with a devastating ransomware cyberattack in May 2021 that impacted computerized equipment managing the pipeline. The attack forced the company to shut down approximately 5,500 miles of pipeline in the United States, crippling gas delivery systems across the Southeast and Mid Atlantic states and panicking consumers.
By William Jones and D.S. Mitchell
Terrorists. Criminals and Cowboys
The ongoing digitization of all aspects of modern life should be concerning. Governments world-wide are facing new challenges to keep both business and government secrets private in an increasingly threatening world of cyber criminals, state sponsored terrorists, and cowboy hackers. With increasing online and data usage, government databases have become primary targets for hackers and other cyber terrorists and criminals. Recent events have shaken the U.S. government and citizen confidence. Hackers can compromise data and as Chris Krebs said recently, ransomware attackers are the greatest threat to our digital world. Krebs served as Director of the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security from November 2018 to November 2020.
Cyber Warfare
Cyber warfare is defined as actions by a nation-state to penetrate another nation’s computers or networks to cause damage or disruption. It may also include non-state actors, such as terrorist groups, private companies, political or ideological extremist groups, criminal organizations, and activists. Cyber attacks have been a cause of concern for years, as the frequency of data breaches has increased along with their complexity and (economic, military, and political) implications, including elections and military catastrophe an ever growing possibility.
Continuous Conflict
Cyber-attacks have become a dangerous domain utilized by Russia and other rogue states such as North Korea and Iran to wage a continuous low-level conflict against adversaries. Regrettably, at this point in the story, we need to place some blame on the victims. The slow, poorly coordinated, and lackluster response to such behavior (both government and mafia types) by the United States and other state victims have, we believe emboldened these criminals. Several autocratic regimes tolerate, and out right support, cyber hacking and ransom threats and attacks against other countries.
Sanctions Have Failed
Years of bad activities by these nations have resulted in a heavy load of sanctions being placed on them by the EU, the US, Japan and others but have produced no improvement in the conduct of Putin, Kim Jung Un and the Ayatollah Khomeini. Devices such as bitcoin have allowed these criminals to hide their transactions and their ill-gained rewards. Hopefully, the recent action by the FBI whereby over half of the money involved in the Colonial Pipe Line ransom was recovered will discourage them, but that is unlikely. In fact, the seriousness of the intrusions is growing more dangerous and bold by the day. The days of pirate hackers must stop. It is essential the US respond in kind to Russian criminal actors if Putin won’t, or expect the hacks to increase.
Ratchet Up Tensions
Hackers linked to Russian intelligence services breached systems used by a leading U.S aid agency to target other government agencies, human rights organizations, and think tanks. The “wave of attacks,” was first revealed by Microsoft Corp. in a blog post . The hackers breached an email marketing service used by the U.S Agency for International Development (USAID). The hackers targeted 3,000 email accounts at over 150 organizations across 24 countries. The majority of victims were U.S. organizations. These activities have ramped up tensions between Washington and Moscow ahead of the highly anticipated summit between Biden and Putin. Cyber security experts say that cyber attacks by Russian hackers have become a daily occurrence, and that as such is a major security threat that Biden must bring up with Putin. Observers believe Biden will promise strong action by the EU, UK, and the Quad (India, Japan, US and Australia) to such provocative conduct.
How Bad Was The Damage Done?
According to Tom Burt, Microsoft’s corporate vice president for customer security and trust, at least a quarter of the organizations targeted by the email phishing campaign worked on humanitarian, international development and human rights issues. But the extent of the damage is still unclear. Microsoft believes the attacks are ongoing, though it noted that automated threat detection systems blocked most of the emails, marking them as spam, many got through.
Solar Winds
Microsoft attributed the attacks to Nobelium, the same hacking group that engineered the recent Solar Winds hacks targeting U.S government agencies. The Solar Winds attack is considered the worst cyber espionage breach in U.S history. While Nobelium orchestrated the Solar Winds hacks, U.S officials said that Russia’s foreign intelligence service, the SVR, was behind the operation.
A Tool Of Choice
Whether it amounts to a significant breach of U.S. government cyber infrastructure or not, the latest Nobelium attack shows that Russia has not been deterred by waves of retaliatory U.S and European sanctions over previous cyber attacks. It also represents the latest example of authoritarian regimes turning to hacking groups to target their rival’s abroad, whether foreign governments or human rights advocates. “This is yet another example of how cyber attacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives,” Microsoft’s Burt wrote recently.
About Time To Defend Ourselves
News of the incident is likely to fuel calls in Washington for the Biden administration to take a stricter stance on Moscow. “If Moscow is responsible, this brazen act of utilizing emails associated with the U.S government demonstrates that Russia remains undeterred despite sanctions following the Solar Winds attack. Those sanctions gave the administration flexibility to tighten the economic screws further if necessary — it now appears necessary,” said Rep. Adam Schiff, Democratic chairman of the House Intelligence Committee, in a statement on Friday.
Nothing New
Some cyber security experts are skeptical that the USAID hack signified a significant escalation, noting that spear-phishing emails are a routinely used tool in cyber espionage. “It’s really not that unusual that attackers do something like this,” said security expert Bruce Schneier, a fellow at the Berkman Klein Center for Internet and Society at Harvard University. “I’m willing to bet these things happen every single day,” he added. The targeting of organizations working on human rights and humanitarian aid is significant, as the Kremlin has pursued an ongoing crackdown on civil society organizations.
Biden And Putin In Geneva
President Joe Biden has announced he will be speaking to Russian President Vladimir Putin. Biden can expect minefields as the men have traded verbal barbs amid rising tensions in the past months. In an interview in March, Biden agreed with a description of Putin as a “killer”. In response Russia temporarily recalled its ambassador to the U.S. and dryly wished Biden “good health.”
Short List of Topics
There’s little expectation of any positive results from this meeting, aside from the hopes it will improve relations and understanding between the two leaders. A shortlist of subjects includes arms control, climate change, Russian military involvement in Ukraine, Russia’s cyber-hacking activities, including the 2020 Solar Winds attack on U.S government, bounties on US military personnel, private computer networks, and the poisoning and jailing of dissident Alexei Navalny.
Growing Challenge
The growing number of cyber attacks by rivals presents a challenge to the Biden administration as it seeks to deter intrusions on government and corporate systems. As a result, Biden’s message to Putin needs to be bold enough to put an end of this menace. Earlier, Biden had said that “there is no evidence based on, from our intelligence people, that Russia is involved, though there is evidence that the actors, ransomware, is in Russia. They have some responsibility to deal with this,”
Steps Ahead
First, Biden should notify Putin that the U.S will sanction all groups associated with cyber attacks. Intensifying the already stiff sanctions could undercut Russia’s criminal hackers ability to operate ‘front’ companies, engage in financial transactions, and use the cyber infrastructure necessary to undertake such cyber attacks. The U.S should seek comparable action from allies and partners.
Second, Biden should announce that in partnership with allies that the U.S will discuss expanding and strengthening economic sanctions against Russia. Putin has to know that NATO will develop and exercise cyber-capabilities to ensure the resilience of military, telecommunications, and electric grid networks.
Finally, Biden should tell Putin that there is resolve among the international community to meet the challenge of cyber hacking. The days of lawless criminals subsidized by state actors using strong-arm tactics that affect the integrity of democratic institutions and national critical services, such as the electric grid and telecommunications, will not be tolerated.
https://www.calamitypolitics.com/2017/09/26/10-simple-ways-to-protect-against-computer-viruses/
References
https://www.bbc.com/news/world-us-canada-57244860
https://www.theguardian.com/us-news/2021/may/10/colonial-pipeline-shutdown-us-darkside-message
https://www.nytimes.com/2021/05/28/us/politics/russia-hack-usaid.html
