He’s fighting a cyberattack ‘the world isn’t ready for’
Strike on global conglomerate IDT could have profound effects if hackers aren’t found
NEWARK, N.J. — There have been times over the past two months when Golan Ben-oni has felt like a voice in the wilderness.
On April 29, someone hit his employer, IDT Corp., with two cyberweapons that had been stolen from the National Security Agency. Ben-oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.
In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?
Since then, Ben-oni has been sounding alarm bells, calling anyone who will listen at the White House, the FBI, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.
And he is determined to track down whoever did it.
“I don’t pursue every attacker, just the ones that piss me off,” Ben-oni said recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”
Two weeks after IDT was hit, the cyberattack known as Wannacry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Ben-oni had witnessed was much worse, and with all eyes on the Wannacry destruction, few seemed to be paying attention to the attack on IDT’S systems — and most likely others around the world.
The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to Wannacry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.
But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.
Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the FBI, which remains consumed with the Wannacry attack.
Were it not for a digital black box that recorded everything on IDT’S network, along with Benoni’s tenacity, the attack might