The United States now compares cyber attacks to terrorism.What this might mean

The FBI Director compares this By the time of 9/11: In an era of liquidation threats, this threat is increasingly proven to have the ability to destabilize society.

He was referring to cyber attacks.

The recent digital ransom attack has accelerated Washington’s recognition that the current trajectory is untenable.

That was after the meat factory was temporarily closed, including in Canada This week; after cars line up at an empty American gas station Main pipeline Was hacked.

A hacker recently tampered with the level of chemical substances Sewage treatment plant In Florida. Nuclear power and other power facilities, Voting systems, political parties, hospitals and governments have all been damaged.

“This is our new normal,” said Nicole Perlroth, a cybersecurity reporter for The New York Times and author of The New York Times. A new book About the history of cyber attacks.

She said in an interview that unless the government starts to take this threat more seriously, “this situation will only continue to happen.”

This issue is now on the political agenda of the United States.

Next week, US lawmakers will question the CEO of Colonial Pipeline, which is at the center of the most recent cyber attack, in two separate hearings. house with SenateThe Department of Justice has marked the threat as On par with terrorism.

US President Joe Biden intends to raise the hacking issue during his first meeting with Russian President Vladimir Putin later this month.

The United States is angry that Russia provides a safe haven for hackers. The leaders of the two countries will hold their first meeting as heads of government in Geneva on June 16. (Alexander Natruskin/Reuters)

The Biden administration is too It is said to be considering His own cyber attacks against the Russians angered the ransomware attacks from that country.

However, Americans must weigh this type of attack plan with the reality that in tit-for-tat communication, their highly connected country is as exposed as any country on the planet, and full of potential targets for retaliation.

At the same time, international negotiations are Take it easy Strive to reach the so-called Digital Geneva Convention in the United Nations-a global convention on the need to prohibit cybercrime.

This effort still has a long way to go Human rights groups Be cautious about the Russian-led initiative, worrying that authoritarian governments might use it to suppress political dissidents.

Perlroth’s new book, This is how they told me the end of the world, Discussed two key questions: How did we get here? Where are we going next?

How the market was born

It started with programmers in the 1990s who used hackers as a hobby, detecting software security vulnerabilities and trying to alert companies.

They are regarded as disgusting things by companies like Microsoft, or worse, because they hate their products being broken up.

In the end, a Entrepreneurial Texan There is an insight: why not profit from this work?

Journalist Nicole Perlroth’s book documents how computer hackers developed into an industry involving programmers, spy agencies, and criminals. (Christian Högstedt / Courtesy of Nicole Perlroth)

John Waters bought one Shy Technology companies also started paying for what hackers discovered in the early 2000s, and then published their findings in a security report he sold to corporate customers.

A market was born.

It involves the discovery and sale of a brand new commodity, the so-called zero-day vulnerability-a software defect that allows an intruder to cause damage with zero warning.

The intelligence agency called. Perlroth wrote that wealthy buyers belonging to the US government changed the market.

Zero-day Watters, once purchased for $400, was suddenly sold to a U.S. government contractor for $150,000; employees of the National Security Agency are quitting their government jobs, doubling their annual salary by selling only one hacker.

Watch | The rising cost of ransomware attacks:

Organizations attacked by ransomware face large amounts of encrypted data and high retrieval costs. Many people find that the cost of attack is very high whether they pay the ransom or not. 2:09

The power of military cyber weapons lies in 2010 attacks At an Iranian uranium plant that slows down Iran’s nuclear program.

Foreign countries and criminal groups are aware of the possibility of storing zero days. Unknown buyers now offer hackers millions of dollars in paydays.

‘This will only end badly’

Perlroth’s book describes a hacking conference held in Vancouver ten years ago. A veteran of the National Security Agency scanned a room filled with attendees from all over the world, then shook his head and realized that the United States was about to Lost control of the weapons it helped make.

“Well, the man told himself, it will only end badly,” she wrote.

A few years later, after Edward Snowden publicly exposed the NSA plan, disaster happened.

Suspected Russian hackers dumped online U.S. National Security Agency inventory Zero day has since been used in countless criminal attacks all over the world.

2017 WannaCry attackFor example, use NSA tools to take hundreds of thousands of computers offline.

Criminals demand ransom and disrupt British hospitals, Many government agencies and companies In 150 countries, In the fields of automobiles, railways, and package delivery.

Some hospitals have also been hit. The Hollywood Presbyterian Medical Center in Los Angeles, seen here, paid a $17,000 ransom after its database went down in 2016, forcing doctors to rely on telephones and fax machines. (Mario Anzoni/Reuters)

Perlroth wrote that the economic losses caused by cyber attacks have far exceeded the economic losses caused by terrorism.

A 2018 paper by the RAND think tank estimated that cyber attacks have already cost the global economy Trillions of dollars.

Smoke in Moscow

US officials are angry that Russia has given cybercriminals full power to operate on its territory, even using them as allies against the West.

Putin compares Russian hackers to Talented artist.

Perlroth’s book says that Putin has set two rules for Russian hackers: first, don’t attack Russians, and second, do it when the Kremlin asks for help.

Watch | Cyber ??attacks against major U.S. channels:

One of the worst cyber attacks on U.S. infrastructure will shut down the pipeline from Texas to New Jersey for several days. Officials accused a criminal gang called DarkSide. 2:04

An official who led the Obama White House cybersecurity operations said in an interview that he recalled a moment of major transformation in 2014.

It even happened before the attack on the U.S. election Mueller Report Blame it on the Russian government.

Michael Daniel said that following the escalation of tensions between the United States and Russia following the invasion of Ukraine in 2014, US officials found Russian hackers on numerous federal networks.

When American IT kicked them out of the network, something unusual happened: instead of hiding their tracks and disappearing, they kept appearing.

Edward Snowden’s revelation of NSA hacking triggered protests, including protests by pro-China parties in Hong Kong in 2013. By 2017, NSA hacking tools were stolen and dumped online for criminals and other countries to use. (Bobby Leaf/Reuters)

“They are back. They are fighting for control of the network,” said Daniel, the current president and CEO. Cyber ??Threat AllianceFrom 2012 to 2017, he served as the White House Cyber ??Security Coordinator.

“[They] Willing to meet frankly in a way that we have never seen before. This is largely a signal, and I think things have changed. ”

What’s next

So what should I do now?

Michael McFall, the most recent U.S. ambassador to Russia, Say no High hopes are placed on the Putin-Biden summit on June 16. He said the Russian leader has no interest in improving relations with the West.

On the domestic front, Biden this month issued an executive order aimed at strengthening the US cyber security game.

One to one May 12 Call for changes to federal contracts so that companies that do business with the US government comply with stricter security protocols, such as Two-step verification, Use cloud storage, and keep a record of each login.

Watch | Worried about hackers trying to disrupt the COVID-19 vaccine supply chain:

More and more people are worried that hackers are targeting the COVID-19 vaccine supply chain with the aim of disrupting the launch of the vaccine once it arrives in Canada. 2:00

It also created a digital equivalent of the National Transportation Safety Board: When the NTSB investigates a plane crash, the new Cyber ??Security Review Board will review computer accidents.

Cryptocurrency is another issue.

The reform call is focused on cryptocurrency, as shown in the picture. Critics claim that anonymous transactions are being abused by criminals and must be monitored. (Dado Luvi?/Reuters)

Multi-million dollar ransom Paying in digital currency Not subject to the same identity disclosure and money laundering requirements as standard financial transactions.

Daniel wants new rules for cryptocurrency trading.This is one of 50 Suggest From the ransomware report he participated in drafting.

Perlroth says she is depressed People are slow to run software updates. For example, after the NSA weapon was released in 2017, the software company released an update; she said too many people did not download the patch.

She hopes that the US Congress will pass a new law that will make cyber hygiene a requirement of the company.

What is the cause of insomnia at night

She also urged more funding for research, such as research supported by the Pentagon Design of a new microchip Prevent the spread of suspicious code.

Her book says that cyber warfare keeps her sleepless nights.When asked what kind of attack kept her awake, she said it was more than just one thing, it was like a sign of an invasion Voting system With the computer nuclear power plant.

This is everything.

At the moment she was interviewed by CBC News last week, she saw a headline news about a ransomware attack. Nantucket Ferries.

She said that what we are seeing is not the Digital Pearl Harbor attack, but a slowly spreading plague: the theft of intellectual property rights, the paralysis of public institutions, infrastructure and even democracies are more fragile.

“What’s left?” she said.

Source link