Cyberwarfare Begins in Earnest—Will America Hack Back?
In early 2020, hackers broke into the systems of SolarWinds, a Texas-based software company, and added a malicious code into the Orion software system. The attack revealed sensitive and confidential information, as well as private intellectual property. The dark web is a hotbed for stolen information, and any information can be sold for money, or it can be used for any attacks in the future. Hackers used the malicious code into the SolarWinds system as a vehicle for other major cyberattacks against the US.
The April 29 ransomware attack on the Colonial Pipeline billing system resulted in Colonial Pipeline’s CEO shutting the pipeline down, raising gas prices, and creating shortages and panic. The Colonial Pipeline transports nearly half of the East Coast’s gasoline, and distribution was halted in 12 states across the East Coast. Some gasoline stations were pushed to the limit, causing long lines and frustrations, which resulted in residents across those states going into panic-buying mode. Colonial Pipeline paid hackers $5 million in ransom to regain access to the network.
A May 30 ransomware attack on JBS USA Holdings, Inc., a meat processing company, could have an impact on beef prices, though the company is reopening plants. The attack on JBS USA Holdings, Inc. is significant because $11 million was paid to resolve the ransomware attack. The more officials discover about the SolarWinds hack, its effect on sensitive and confidential data seems to have been deeper than what was initially believed. With the increasing incidence rates of cyberattacks in the United States, more leaders and experts are beginning to wonder if America will strike back.
Will The President Strike Back Against Criminal Groups?
In a recent interview, President Joe Biden did not rule out any attempts of the US striking back. According to CNN Politics, when President Biden was asked if he would rule out any cyberattacks against the criminal groups that carried out the recent attacks, President Biden stated, “No”. The topic of “Will America Hack Back?” has proven to be a hot topic to all businesses and organizations that are responsible for holding confidential and sensitive data via software or cloud technologies.
If the President did not rule out any cyberattacks targeting the criminal groups, does this mean we are getting closer to open cyberwarfare against foreign states, particularly Russia and China? There have been conversations with experts who can confirm whether more significant attacks on critical national infrastructure are likely to hit the US, leading us to participate in cyberwarfare.
If the President does strike back, how soon could the first counterattack take place? Who will the President attack first? If he does not strike back, how soon could another cyberattack hit the US? Will there be a shift in the balance of power? During a conversation with an industry expert, I shared my opinion on whether I think America is edging closer to open cyberwarfare.
Are We Any Closer to Cyberwarfare?
When asked if I believe we are edging closer to ”full-on, advanced, open warfare with foreign states, particularly Russia and China?”, I shared my view:
“This is a great question being asked. My belief is that cyberwarfare has been going on for many years now, think Stuxnet against the Iranian nuclear facilities. All countries probably conduct cyberwarfare in one form or another against others. It’s a natural progression of means to an end. The more we add technology to our lives, the more disruptive an outage or hack will be. As technology advances continue to make our lives easier and more connected, the impact to what happens with an outage will be much larger and have a higher effect on our infrastructure and daily lives. I definitely see this as an increasing trend, especially because technology is advancing at breakneck speed today.”
When asked for my opinion on how I anticipate America defending ourselves against cyberattacks, I had this to say:
We will certainly see more critical national infrastructure hits coming as there is not enough cybersecurity proactive work being done. Organizations are not seeing the true danger and need to close up their vulnerabilities, and so they are very lax in their approach. They weigh risk vs cost and use insurance to balance that. When we truly have mechanisms in place and companies that understand and take steps to protect their infrastructure, then the hacks will go down. The Colonial Pipeline hack was not successful because they were hacked by very intelligent hackers, they were lax with their security and the hackers found and used those holes against them. Colonial had an account of a user that was no longer employed, still active, they did not have multi-factor authentication enabled for remote access via a VPN and the user with the account had his password found on the darkweb, probably because he/she used it multiple times. This means that there was not enough user awareness to educate the users on how to properly protect themselves. If you go back and look at every single attack, very few were due to unknown vulnerabilities and were more likely than not, using software that was not properly patched, accounts were not locked down, users had local administrator level access to their systems, and they simply did not get training on how to identify fake emails. It’s a shame because so many companies are finding out the hard way that they have to pay so much more after an attack compared to what it would cost prior to an attack. More examples of this, Maersk with the NotPetya attack suffered a major outage, and it cost them about 800M estimated in recovery cost. No one confirmed it, but there were some reports that they had outdated unsupported systems in place, they did not have a strong security prevention program in place. That may be the case today, but this is how the criminals get in, they take advantage of the vulnerabilities that companies don’t address until it’s too late.
Who May Be The First Victim of a Counterattack?
I was also asked how soon could the President launch his first counterattack and in what ways the counterattack could occur. I was also asked for an opinion on who may be the first victim of an attack and how much provocation it will take.
“I am pretty confident that there is a program and hacking going on already, we just don’t know about it. The media in the US is a free press, so they can report on anything. That is not exactly the same in other countries. When something happens here it gets reported. When something happens in other countries, where there is no free media, there may be suppression of news, so we won’t know about that. This is only my opinion.”
There have been growing concerns on whether there will be a balance of power with less damage and upheaval after a rising increase in attacks.
“The only way this gets reduced is when we either get serious about prevention of cyberattacks and do more to protect our infrastructure and organizations, by having good cybersecurity practices, or we go back to analog devices or disconnect from the internet. Since that is not ideal, we will probably need to do more proactively to reduce the amount of hacks taking place.”
How Do We Move Forward?
Cyberwarfare has significantly impacted us in unbelievable and unimaginable ways. Future attacks can come from within an organization or outside an organization. We anticipate there will be an ongoing debate about how to handle the attacks that are ongoing and the attacks that may occur in the future. We cannot afford to sit idly and accept cyberattacks. The concerns surrounding cybersecurity and cyberattacks are not going to go away right now. All businesses and organizations should take a more proactive approach.
Baroan Technologies is a leading IT service and IT support company in the Tri-State area. One of our key focuses is on security. We can help your business or organization leverage technology and improve your bottom line while focusing on protecting your workplace from internal and external threats. To book your consultation or schedule a quote, please do not hesitate to contact us.