Tuesday, March 27, 2018

Sea Hack - NotPetya

The world is quivering at the expectation of rising hostile governmental and dark criminal online hacking, theft and misdirection.  Massive consumer and government information constantly spills into public awareness after a big hack. Ransomware, theft and total embarrassment are routine. We’ve heard of hospitals with sensitive medical information and even local police departments forced to pay ransom demands to restore access to their own data. We are hardly innocent, having deployed cyber-malware in the past to disable Iran’s nuclear enrichment centrifuges, but we have been more victim than perpetrator.
Remember North Korea’s revenge on Sony Pictures, back in December of 2014, for releasing a film (The Interview) that made fun of leader Kim Jong-un? This hack and the public release of private communications and commercially valuable intellectual property decimated that studio. The North released a bevy of embarrassing private emails from very senior executives – forced to resign as a result – and dumped five completed feature films, primed for release, into the get-it-for-free Web. Did we learn anything from that?
North Korea also has special cyber-units dedicated to trolling cyber-currency holders (e.g., bitcoins) to steal fungible currency in order to fund foreign purchases necessary for their weapons program – given U.S.-driven international sanctions – and to keep Kim’s opulent lifestyle going unabated. It’s no secret that a parallel group of highly specialized North Korean hackers are probing vulnerabilities everywhere, particularly anything that can destabilize or target the United States and its Western allies. They are very good at their jobs.
The DOJ just indicted nine Iranian nationals. Their targets? American universities and corporations rich in technology research and patents. A modest goal… unless they really steal something military and very special. Ah, but the Russians; they’ve got hacking and spreading disinformation down!
The Russian approach is both direct, military and other government intelligence units plying their cyber-sleuthing, and indirect, where the government funds “private” hackers, some companies and some bands of crazy Russian “genius-hackers” who are provided with hard cash and sometimes with access to illicit drugs or prostitutes. This latter approach creates tons of plausible deniability, but there is zero doubt (other than with our President) that this is Putin-directed activity.
Our intelligence agencies have uniformly confirmed that weaponized disinformation, based on readily-available personal information (hence the Cambridge Analytica scandal over Facebook data), was heavily deployed by Russian operatives in an effort to discredit Hillary Clinton and elevate Donald Trump in the 2016 presidential elections. Both our intelligence agencies and Congressional committees have also revealed Russian probes of our power grid and institutional financial networks, particularly within smaller companies that have not adopted more stringent (read: expensive) cyber-security measures recommended by the government. Sometimes such malware intended for one arena is a contagion that spreads into unanticipated directions with horrible consequences.
Nothing brings home the potential devastation of our commercial routine like what happened to the global shipping industry (a $500 billion/year industry) in June of 2017, an experience that was downplayed at the time because of the magnitude of the damage. Cyber security had been way down the list of risks for that sector, behind weather, fuel costs, mechanical issues, strikes and boycotts, and war/piracy. The March 23rd FastCompany.com explains:
Then came NotPetya. Last June, computers at the Danish shipping giant Maersk were infected in [an] international malware outbreak, since attributed by U.S. authorities to Russia. The infection, in which Maersk isn’t believed to have been deliberately targeted, cost the business between $250 million and $300 million as it reduced its normal shipping volumes and scrambled to reinstall software on tens of thousands of PCs and servers.
‘Imagine a company where a ship with 10,000 to 20,000 containers enter a port every 10 minutes, and for 10 days you have no IT,’ Maersk chairman Jim Hagemann Snabe said in a panel session at the World Economic Forum in Davos in January. ‘It’s almost impossible to even imagine.’
Snabe called the malware incident ‘a very important wake-up call,’ and others in the maritime industry agree it’s brought cybersecurity issues to the forefront… ‘Stakeholders in the industry are now beginning to acknowledge, yes, there might be a problem,’ says Lars Jensen, cofounder and CEO of CyberKeel, a Copenhagen cybersecurity firm focused on the maritime world. After all, he says, Maersk ‘had not been as lax’ as other companies in the industry…
In the worst case, hackers could hijack navigational tools and cause collisions—high-profile crashes by U.S. Navy ships last year raised fears of such attacks, though no evidence of hackers was found—interfere with onboard machinery and cause stalls or even spills, or simply make sailors and passengers very uncomfortable.
‘In cruise vessels, all the auxiliary systems such as generators, air conditioning units, elevators, etc., can be attacked, which could lead to catastrophic experience for cruise guests,’ warned Itai Sela, CEO of Israeli maritime cybersecurity firm Naval Dome, in an email to Fast Company.
Recent reports have indicated that many yachts are vulnerable, including some of the ultra-high-end superyachts favored by millionaires and billionaires. Last year, the Guardian reported a hacking demonstration at a superyacht industry conference, where security experts showed how easy it was to access private files through yachts’ Wi-Fi networks and even connect to onboard navigation systems. And just this month, a report from Kaspersky Lab indicated that vulnerabilities in yacht digital entertainment systems could be used to remotely breach the vessels, potentially even gaining access to more sensitive systems.
Like many types of systems that predate the modern internet, many ship systems weren’t designed for security the way they likely would be in 2018. In a blog post last year, Ken Munro, a partner at the U.K. security consultancy Pen Test Partners, pointed to internet-enabled shipboard satellite communication systems that openly shared information about their communication hardware, ship coordinates, and even the names of crew members.
Munro compared the situation to industrial control systems, the often-antiquated, specialized computers used in factories and power plants that have sometimes been migrated from isolated, limited-access networks to networks linked to the public internet. In the worst case, a clever phishing attack on one of those identified crew members could be enough to take control of the ship’s computers… ‘You could influence or change the direction of travel on a ship—that’s quite scary, isn’t it?’ he tells Fast Company. ‘Most of these systems do have manual overrides, but they’re quite difficult to use.’
Americans in general, and our government more specifically, have been increasingly reactive to threats, from hurricanes and earthquakes to cyber-security. We spend billions to repair what could have been prevented or effectively reduced with a fraction of anticipatory proactive costs. Bigger for-profit institutions, with sufficient financial resources, and the most clandestine arenas of government are probably more advanced in limiting cyber-damage.
There is little doubt that our financial networks and power grids remain vulnerable to attacks that could cripple the United States in minutes, bring aircraft into chaos, shipping into confusion, highways unregulated and individual consumers paralyzed. Since private vulnerabilities can create complete breakdowns of necessary social and operating systems impacting all of us, literally capable of bringing the United States to its knees, you’d think that Homeland Security and other governmental agencies would create security systems for those other than the biggest companies in the land.
Oh, I forget, they are using that money for tax breaks for companies that don’t need them. And money for a wall that really doesn’t do much but cost taxpayers? The Russians are smiling. The North Koreans are laughing. And an increasing number of cyber criminals are living a very luxurious lifestyle.
I’m Peter Dekom, and this chaos is the result of America gone rogue with priorities that put more of us at risk every day.
