Criticism ‘won’t stop the Kremlin’s attacks’
The public denouncement of Russia by the US, Britain and Australia is unlikely to dissuade the Kremlin from using hacking as a weapon and could push it to escalate attacks on critical infrastructure globally, according to a senior cyber security expert.
Charles Carmakal, vice-president at security firm FireEye, told The Australian the heightened geopolitical tensions between the US and Russia would further embolden Russia to orchestrate targeted attacks on networks.
“I see Russia continuing their operations and they may escalate their activities and that’s the fear right now — and at what point of time does it become an act of war?” Mr Carmakal said.
The federal government on Tuesday said that as many as 400 Australian businesses had been attacked by hackers backed by Russia.
Defence Minister Marise Payne has said the companies came under attack in August but there was no indication that sensitive data had been stolen.
In the latest incident, hackers targeted equipment such as routers, switches and other network devices belonging to governments, businesses and critical infrastructure providers, in a bid to extract sensitive information.
Mr Carmakal said the Russian government had been scanning the internet for network equipment compromised by poor security controls for some time.
“Once they get a large number of these devices under control they can use them to spy on any traffic going through the device,” he said. “They could also install malicious code to get into an organisation’s network.”
This weakness, according to Mr Carmakal, had allowed the Kremlin to become increasingly aggressive in using cyber attacks to threaten other nations.
“Russian actors are not only the most aggressive threat actors, they are also very calculated and so far they are the only ones that have successfully attacked power infrastructure,” he said.
“We believe that Russia turned off the power in parts of Ukraine in December 2015 and again in December 2016.”
Turning off the lights is a dramatic illustration of what hackers can do but Mr Carmakal said this requires significant investment in skills and technology.
“The operation systems are pretty old and are usually not directly connected to the internet. The risk is in the connection between the IT environment and the operations environment,” he said.
Although the IT systems could be compromised, Mr Carmakal said shutting down power generation and distribution channels required specialised expertise.
“You have to know electrical engineering and how circuitry works, so those who can turn off the power completely are very skilled,” he said.