Crit­i­cism ‘won’t stop the Krem­lin’s at­tacks’


The pub­lic de­nounce­ment of Rus­sia by the US, Britain and Aus­tralia is un­likely to dis­suade the Krem­lin from us­ing hack­ing as a weapon and could push it to es­ca­late at­tacks on crit­i­cal in­fras­truc­ture glob­ally, ac­cord­ing to a se­nior cy­ber se­cu­rity ex­pert.

Charles Car­makal, vi­cepres­i­dent at se­cu­rity firm FireEye, told The Aus­tralian the height­ened geopo­lit­i­cal tensions be­tween the US and Rus­sia would fur­ther em­bolden Rus­sia to or­ches­trate tar­geted at­tacks on net­works.

“I see Rus­sia con­tin­u­ing their op­er­a­tions and they may es­ca­late their ac­tiv­i­ties and that’s the fear right now — and at what point of time does it be­come an act of war?” Mr Car­makal said.

The fed­eral gov­ern­ment on Tues­day said that as many as 400 Aus­tralian busi­nesses had been at­tacked by hack­ers backed by Rus­sia.

De­fence Min­is­ter Marise Payne has said the com­pa­nies came un­der at­tack in Au­gust but there was no in­di­ca­tion that sen­si­tive data had been stolen.

In the lat­est in­ci­dent, hack­ers tar­geted equip­ment such as routers, switches and other net­work de­vices be­long­ing to gov­ern­ments, busi­nesses and crit­i­cal in­fras­truc­ture providers, in a bid to ex­tract sen­si­tive in­for­ma­tion.

Mr Car­makal said the Rus­sian gov­ern­ment had been scan­ning the in­ter­net for net­work equip­ment com­pro­mised by poor se- cu­rity con­trols for some time.

“Once they get a large num­ber of these de­vices un­der con­trol they can use them to spy on any traf­fic go­ing through the de­vice,” he said. “They could also in­stall ma­li­cious code to get into an or­gan­i­sa­tion’s net­work.”

This weak­ness, ac­cord­ing to Mr Car­makal, had al­lowed the Krem­lin to be­come in­creas­ingly ag­gres­sive in us­ing cy­ber at­tacks to threaten other na­tions.

“Rus­sian ac­tors are not only the most ag­gres­sive threat ac­tors, they are also very cal­cu­lated and so far they are the only ones that have suc­cess­fully at­tacked power in­fras­truc­ture,” he said.

“We be­lieve that Rus­sia turned off the power in parts of Ukraine in De­cem­ber 2015 and again in De­cem­ber 2016.”

Turn­ing off the lights is a dra­matic il­lus­tra­tion of what hack­ers can do but Mr Car­makal said this re­quires sig­nif­i­cant in­vest­ment in skills and tech­nol­ogy.

“The oper­a­tion sys­tems are pretty old and are usu­ally not di­rectly con­nected to the in­ter­net. The risk is in the con­nec­tion be­tween the IT en­vi­ron­ment and the op­er­a­tions en­vi­ron­ment,” he said.

Al­though the IT sys­tems could be com­pro­mised, Mr Car­makal said shut­ting down power gen­er­a­tion and dis­tri­bu­tion chan­nels re­quired spe­cialised ex­per­tise.

“You have to know elec­tri­cal en­gi­neer­ing and how cir­cuitry works, so those who can turn off the power com­pletely are very skilled,” he said.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.