How a Massive Cyberattack Could Happen To Us

http://real-agenda.com/feed

The Petya Ransomware attack hit globally, but one country, in particular, was devastated by it. The Ukrainian infrastructure was brought own by the attack, where the epicenter occurred, and now, experts are suggesting that it may have been deliberate and state-sponsored. The ostensible purpose of all that damage was to make money — and yet there’s very little money to be found. Most ransomware flies under the radar, quietly collecting payouts from companies eager to get their data back and decrypting systems as payments come in. But Petya seems to have been incapable of decrypting infected machines, and its payout method was bizarrely complex, hinging on a single email address that was shut down almost as soon as the malware made headlines. As of this morning, the Bitcoin wallet associated with the attack had received just $10,000, a relatively meager payout by ransomware standards. It leads to an uncomfortable question: what if money wasn’t the point? What if the attackers just wanted to cause damage to Ukraine? (source) This is not the first time Ukraine has been under siege by cyberattack. In fact, the battle has been nearly constant for quite some time. Ukrainian cybersecurity analysts view Ukraine as the primary target, and the Petya outbreak as just another strike in their ongoing cyberwar with organized and relentless hackers that the Ukrainian government has publicly linked to Russian state actors. “I think this was directed at us,” says Roman Boyarchuk, the head of the Center for Cyber Protection within Ukraine’s State Service for Special Communications and Information Protection. “This is definitely not criminal. It is more likely state-sponsored.”  As for whether that state sponsor was Russia, “It’s difficult to imagine anyone else would want to do this,” Boyarchuk says. Boyarchuk points to the timing of the attack, just before Ukraine’s Constitution Day, which celebrates the country’s post-Soviet independence… More technical clues support that theory, some Ukrainian security researchers say. Kiev-based Information Systems Security Partners, which has acted as a first responder for several recent waves of cyberattacks on Ukrainian companies and government agencies, says it has found evidence that sophisticated hackers quietly infiltrated the networks of at least some Ukrainian targets two to three months before they triggered the ransomware that paralyzed those organizations. (source) Security specialist Matthieu Suiche said in a blog post that it wasn’t a “ransomware” attack intended to make money, and is instead a “wiper” sent to eradicate data. The fact of pretending to be a ransomware while being in fact a nation state attack — especially since WannaCry proved that widely spread ransomware aren’t financially profitable — is in our opinion a very subtle way from the attacker to control the narrative of the attack. (source) Forensic analyst Oleksii Yasinsky told Wired that the intent was not money, even though this presented as a ransomware attack. Rather than just encrypting infected hard drives and demanding $300 in Bitcoin for the decryption key, in some cases it simply wiped machines on the same network, deleting a victim computer’s deep-seated master boot record, which tells it how to load its operating system. Yasinsky argues that this behavior indicates the attackers weren’t, in fact, trying to extort payments from those victims but instead wanted to cause maximum disruption. (source) They wanted to cause maximum disruption. Now, isn’t that just about the scariest thought ever? What if the US was hit by a similar cyber-attack? Let’s go a little further down this rabbit hole and imagine such an attack happening in the United States. Because, really, is it that far-fetched? In fact, is it possible that this is a dry run for a massive attack on the American infrastructure? Maybe they want to see what happens when they take down the essential systems of a modern country on a smaller scale first, in order to maximize the effects on a larger target. Scary, but possible. Everything we do revolves around computers these days. Businesses keep their records there. Systems are automated there. It goes on and on. And with this particular virus, one expert said, “There IS NO KILL SWITCH.” It’s virtually unstoppable once it gets into a system and it eradicates everything. You know how I’m always encouraging you to watch survival movies and read survival fiction to enhance your prepared mindset? Let’s use this real life scenario and wargame the situation based on the systems that were damaged in Ukraine and think this through. Banking would be disrupted Many banks in Ukraine were hit by the attack, which means that people suddenly had no access to their money. Their credit and debit cards wouldn’t work and the ATMs were down. In the United States, most folks use credit or debit as they go throughout their days. Gas pumps are set up to pay at the pump with your bank card. We think nothing of swiping our card at the grocery store or at lunch. We know we have money in there, and it’s less risky than carrying cash, in most folk’s minds. But what if suddenly you couldn’t use your credit cards and debit cards? What if the ATM machines went dark and you couldn’t get any cash from them? Imagine this happened when you were traveling on business, miles from home with a half empty gas tank. You wouldn’t be able to get a hotel room, get more fuel, get food – nothing at all unless you had cash on hand […]

The post How a Massive Cyberattack Could Happen To Us appeared first on The Real Agenda News.

Read the rest below at the source link