Hurt­ing more than just pix­els

Two global cy­ber­at­tacks in two months por­tend a grow­ing threat.

The Washington Post Sunday - - SUNDAY OPINION -

ONE FAL­LACY about cy­ber­at­tacks is that they hurt pix­els, not peo­ple. A cy­ber­in­tru­sion might steal emails, empty bank ac­counts or com­pro­mise iden­tity but prob­a­bly can’t do real dam­age in the phys­i­cal world, or so the think­ing goes. There are ex­cep­tions: The Stuxnet worm that the United States and Is­rael un­leashed against Iran’s nu­clear en­rich­ment cen­trifuges caused phys­i­cal dam­age — com­pelling the ma­chines to spin too fast and break — but that was a so­phis­ti­cated sab­o­tage op­er­a­tion, not an everyday oc­cur­rence.

Now, the dan­ger has moved closer to everyday. The wave of mal­ware that spread across the globe last week, called Petya by some an­a­lysts (and NotPetya by oth­ers), sud­denly locked up com­puter sys­tems be­ing used to man­age oil com­pa­nies, air­line flights, elec­tri­cal grids, con­tainer ships, ports, banks and gov­ern­ment min­istries. Even the com­put­ers mon­i­tor­ing ra­di­a­tion at Ch­er­nobyl, scene of the world’s worst nu­clear accident, were si­lenced. How far away is the mo­ment when a power out­age caused by a cy­ber­at­tack throws a hos­pi­tal into dark­ness, caus­ing pa­tients to suf­fer, or die? Or, leads to even more fright­ful con­se­quences?

The lat­est on­slaught was a ma­li­cious pro­gram — a worm — that caused com­put­ers to lock up and de­mand from the user a ran­som in bit­coin, the anony­mous dig­i­tal cur­rency. When in­fected, a com­puter dis­plays a sim­ple text screen with the chill­ing first line “Ooops, your im­por­tant files are en­crypted.” It is not clear whether the files were en­crypted or just de­stroyed. Since the email ad­dress for pay­ing ran­som was swiftly cut off by the provider, it ap­pears the at­tack was in­tended to be more de­struc­tive than prof­itable.

Some re­searchers think it was not re­ally about ran­som at all, just in­tended to sow chaos. The mal­ware dis­played clever at­tributes that al­lowed it to spread rapidly across net­works and re­port­edly in­fect com­put­ers run­ning the lat­est Win­dows op­er­at­ing sys­tem, a re­minder of how threats in cy­berspace can out­run de­fenses. In this case, it seems the nasty worm was aided by an ad­vanced ex­ploit, or de­liv­ery ve­hi­cle, named Eter­nal Blue, that had been looted ear­lier from the Na­tional Se­cu­rity Agency. This was the sec­ond mass cy­ber­at­tack us­ing one of th­ese stolen ex­ploits in two months.

No one knows who per­pe­trated the lat­est at­tack, and that is an­other en­dur­ing worry about cy­ber­con­flict: At­tri­bu­tion is of­ten dif­fi­cult, and time­con­sum­ing. This might have been a ma­li­cious gang, or a na­tion-state.

There is no magic so­lu­tion that can stop a threat such as this, one that crosses na­tional boundaries and in­fects real-world sys­tems. The at­tack shows once again that, for all the won­ders of the dig­i­tal rev­o­lu­tion, bad ac­tors are con­stantly in­no­vat­ing too, look­ing for ways to dis­rupt, thieve and de­stroy. There is no sub­sti­tute for vig­i­lance and de­fense, es­pe­cially pro­tect­ing all-im­por­tant crit­i­cal in­fra­struc­ture, hope­fully stop­ping the mal­ware be­fore it man­ages to turn off more than just pix­els.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.