On December 23, a large section of Ukraine went dark. The source wasn’t mechanical failure, nor was it human error. According to Ukrainian officials, it was a cyber-attack, the source of which was reportedly Russia.
To make matters worse, a more recent attack against Kiev’s main airport probably originated from the same source.
“A spokeswoman for the airport said Ukrainian authorities were investigating whether the malware was connected to a malicious software platform known as “BlackEnergy,” which has been linked to other recent cyber attacks on Ukraine,” reads a report on Reuters. “There are some signs that the attacks are linked, she said.”
These attacks, which are likely part of a larger, ongoing cyberwar between Russia and the Ukraine, drive home one very unpleasant fact. Cyberattacks are getting worse, and criminals – both state-sponsored and independent black hats – are getting better at their jobs. And it’s no longer just customer data that these hackers are after.
Overseas corporations are targeting American businesses, attempting to steal their data to gain a competitive advantage. “Hacktivists” are hurling their ire at anyone who displeases them, bringing down everything from the PlayStation Network to Nasdaq’s website. And as more and more of our world becomes digitized, cyberterrorism the likes of which was seen in the Ukraine will likely become increasingly prevalent.
After all, why go to the trouble of physically attacking a nation’s infrastructure when a few lines of code can cause an international crisis?
Let’s switch gears. We’ve made it clear enough that there’s a problem. It’s time to talk about finding a solution. What can we as IT professionals do to safeguard both our businesses and our personal lives against a new generation of cyber-crime?
Well…first and foremost, we need to start doing our jobs.
Let me be clear about one thing: attacks like the Kiev airport are disconcerting at best, and downright terrifying at worst. But such attacks represent the minority – and that aside, chances are fairly high that if your business is targeted by a state-sponsored hacker, it’s only a matter of time before someone has access to your data. What’s far more common – and absolutely unacceptable, besides – is that the majority of cyberattacks aren’t actually all that complex.
“The common theme in all of the attacks implemented so far, is that the hackers were taking advantage of “embarrassingly trivial security flaws at these organizations.” explains Palantir Technologies cybersecurity director Melody Hildebrandt, speaking to Wealthmanagement.com. “While many firms could not withstand an attack by the Chinese government, that’s not the level of sophistication seen in these attacks.“One organization was running on a Windows XP service package that had been end-of-lifed by Microsoft 10 years ago. It’s well known if you plug one of these machines into the Internet, it will be compromised within four minutes.”
So, long story short…cyberattacks are indeed getting worse, but as a whole, they’re not as complex as the prevailing dialogue would have us believe. If we’re to defend ourselves against today’s more persistent cybercriminals, we need to start by taking a long, hard look at how our organizations manage their security. After all, if we can’t defend against the small fries, how can we possibly hope to protect ourselves when we’re attacked by people who actually know what they’re doing?
Image: Flickr/Mr. Cacahuate