area and when Colonial Pipeline was hit I couldn’t get gas for a few days last summer. You can default on contracts and agreements. What that leads to is a loss of network control. So if you have a network that’s not configured properly, or a system that hasn’t been patched, that could be a gateway for a ransomware actor to come in and encrypt and lock up your network. And then last year with the ransomware attacks on Colonial Pipeline and JBS Meats-ransomware actors are not discriminating necessarily, they’re not falling in line under a targeting list, going after big banks and government agencies. For a lot of Americans, the 2016 election was a bit of a wake up that cyber manipulation is a truly geopolitical tool or weapon that can be used not just against Washington, D.C., but middle America. If we’ve learned anything in the last 12 to 14 months, it’s that the kind of mythical cyberattacks that we’ve all heard about are perhaps not as rare or uncommon or distant as we previously thought. What kind of impact could some of these things have on American businesses in a very tangible way? I think average Americans and small business owners hear things about malware and cyberattacks, and it feels very far away. In this case, that included Lithuania and Latvia. The HermeticWiper was apparently deployed and installed in Ukraine, but due to the network architecture, and the policy that was embedded in the execution instructions, the malware spreads wherever the network has connections. The internet is a globally connected ecosystem. Now, the challenge here is that operational control of malware can sometimes be difficult. There’s the HermeticWiper from earlier this week. We’ve seen some of the denial of service attacks. Well, first is directly targeting organizations that are in Ukraine. What kind of cyberattacks are we already seeing so far in the past few days? If part of the objective is not necessarily to be disruptive to the economy but instead disruptive to the psyche of the American people, then you could see schools and hospitals being targeted. Or should at least plan to be prepared, because we’ve seen ransomware actors in the past not necessarily be as strategic in their targeting, instead being incredibly opportunistic. So when we pull this all together, it’s critical lifeline vectors with engagement between government and industry.īut every organization could be affected here. And they’ve also gone after transportation and the aviation sector. They have gone after energy companies here in the past. Given the information we have available to us-and that tends to be history, so the sectors they’ve gone after in the past, as well as the incitement that we may see from sanctions-then I would say our experience with Russia in what we could anticipate would include banks, because we’ve sanctioned a number of their banks. What sectors do you think are the most likely targets for Russian cyberattacks right now? There’s no specific credible intelligence or information that I’ve reviewed, but there is a nonzero chance.īusiness leaders need to be taking this situation seriously-beyond the fact that of course there’s a tragic war in Ukraine-because there could be spillover effects here in the U.S. So when you combine the capability, their willingness to use it, and their prior targeting of American businesses and Western businesses in general, there’s a nonzero chance that something could happen. A couple years ago they were targeting some of our energy companies, and then you have the espionage cases from last year with SolarWinds. We also have an unfortunate history of cyberattack experience with the Russians, of course. As well as their classic technique of spreading disinformation and false flag type operations. In 2008, when they went into Georgia, they used destructive attacks against government agencies in Georgia. So we know that they’re not afraid to use their tools, generally speaking, but also specifically in coordination with a military assault and invasion. And then they launched the most destructive cyberattack in history, the NotPetya attack in June of 2017. Ukraine has the unfortunate designation as being Russia’s test kitchen for some of their cyber tools-the Russians have taken down the Ukrainian electrical grid twice, both in 20. Well, for one, we know that the Russian security services are very capable in the cyber arena. Experts have been warning that the conflict in Ukraine poses an unprecedented cyber risk even for U.S.
0 Comments
Leave a Reply. |