Tag Archives: cyber attack

January 2020 in Review

Most frightening and/or depressing story:
  • Open cyberwarfare became a thing in the 2010s. We read the individual headlines but didn’t connect the dots. When you do connect the dots, it’s a little shocking what’s going on.
Most hopeful story:
  • Democratic socialism actually does produce a high quality of life for citizens in many parts of the world. Meanwhile, the hard evidence shows that the United States is slipping behind its peer group in many measures of economic vibrancy and quality of life. The response of our leaders is to tell us we are great again because that is what we want to hear, but not do anything that would help us to actually be great again or even keep up with the middle of the pack. This is in the hopeful category because solutions exist and we can choose to pursue them.
Most interesting story, that was not particularly frightening or hopeful, or perhaps was a mixture of both:

the decade in cybersecurity and cyberwarfare

Wired goes over the major data breaches and cyber attacks of the decade. Huge amounts of data were stolen from both corporations and government agencies, but what really surprised me was the amount of actual cyber warfare between nation states.

  • Stuxnet – attack by U.S. and Israeli governments against Iran in 2010. One thing I didn’t know is this targeted industrial control software made by Siemens. So major industries are controlled by computers, and hacking can increasingly have real-world consequences.
  • Shamoon (2012) – attack by Iran against Saudi Aramco, “inspired” by, and possibly in retaliation for, the Stuxnet attack.
  • Sony (2014) – attack by North Korea against Sony in response to a movie depicting the assassination of a North Korean leader.
  • Office of Personnel Management (2013-2014) – attack by the Chinese government on the U.S. government. This was a massive information theft but was not intended to shut anything down.
  • Russia vs. Ukraine (2015-2016) – several attacks leading to blackouts and confusion coordinated with an actual military attack.
  • Shadow Brokers (2016-2017) – NSA malware stolen and released into the wild, probably by North Korean hackers. The best-known one was the ransomware “WannaCry,” which disrupted major corporations including hospitals.
  • And of course, Russian propaganda and disinformation during the 2016 U.S. election.
  • NotPetya (2017) – this was Russian malware targeted at Ukraine, but so bad it affected computers around the world and blew back to affect Russia itself.

February 2019 in Review

Most frightening and/or depressing story:

Most hopeful story:

  • Here is the boringly simple western European formula for social and economic success: “public health care, nearly free university education, stronger progressive taxation, higher minimum wages, and inclusion of trade unions in corporate decision-making.” There’s even a glimmer of hope that U.S. politicians could manage to put some of these ideas into action. Seriously, I’m trying hard not to be cynical.

Most interesting story, that was not particularly frightening or hopeful, or perhaps was a mixture of both:

  • We could theoretically create a race of humans with Einstein-level intelligence using in-vitro fertilization techniques available today. They might use their intelligence to create even smarter artificial intelligence, which would quickly render them (not to mention any ordinary humans of average intelligence) obsolete.



cyber-attack – nothing to fear but fear itself?

Another thing Axios is worried about is a “crippling cyber-attack”.

Homeland Security Secretary Kirstjen Nielsen said this week that the U.S. is in “crisis mode,” comparing the danger of a massive attack to a Category 5 hurricane looming on the horizon. Intelligence chiefs from the last three administrations agree, and told Axios there is no graver threat to the United States.

A well-executed cyberattack could knock out the electrical grid and shut off power to a huge swath of the country, or compromise vital government or financial data and leave us unsure what is real.

That last phrase is chilling to me. Even if a cyber-attack didn’t result in immediate loss of life, if it creates real fear that the systems of civilization are breaking down (such as transportation, communication, food and financial systems), it could lead to panic and severe consequences. Most of us do not have a stash of gold coins under our mattresses these days.

Russian election hacking in Ukraine

Russia, or hackers in Russia, tried to hack an election in Ukraine in 2014 and got caught, according to the Christian Science Monitor.

Only 40 minutes before election results were to go live on television at 8 p.m., Sunday, May 25, a team of government cyber experts removed a “virus” covertly installed on Central Election Commission computers, Ukrainian security officials said later.

If it had not been discovered and removed, the malicious software would have portrayed ultra-nationalist Right Sector party leader Dmytro Yarosh as the winner with 37 percent of the vote (instead of the 1 percent he actually received) and Petro Poroshenko (the actual winner with a majority of the vote) with just 29 percent, Ukraine officials told reporters the next morning.

cyber warfare

Critical parts of the internet in the U.S. are being systematically probed by foreign government hackers, according to one security expert.

Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.

The attacks are also configured in such a way as to see what the company’s total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker…

Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

ghost fleet

I’m a sucker for hypothetical future war books. I don’t know why I find them so fun. Obviously I would not find it so fun if this actually happened.

From Amazon:

What will the next global conflict look like? Find out in this ripping, near-futuristic thriller.

The United States, China, and Russia eye each other across a twenty-first century version of the Cold War, which suddenly heats up at sea, on land, in the air, in outer space, and in cyberspace. The fighting involves everything from stealthy robotic–drone strikes to old warships from the navy’s “ghost fleet.” Fighter pilots unleash a Pearl Harbor–style attack; American veterans become low-tech insurgents; teenage hackers battle in digital playgrounds; Silicon Valley billionaires mobilize for cyber-war; and a serial killer carries out her own vendetta. Ultimately, victory will depend on blending the lessons of the past with the weapons of the future.

Ghost Fleet is a page-turning speculative thriller in the spirit of The Hunt for Red October. The debut novel by two leading experts on the cutting edge of national security, it is unique in that every trend and technology featured in the novel — no matter how sci-fi it may seem — is real, or could be soon.

The gold standard, for me, will always be Clancy’s 1986 Red Storm Rising, which was about a hypothetical U.S.-Soviet Union War. He tried to pull an encore of sorts in 2001 with The Bear and the Dragon, but it just wasn’t that great. A similar hypothetical U.S.-China war novel is 1999’s Dragon Strike, by Humphrey Hawksley, which was a little better than the Clancy version even though Clancy invented the genre (and you wonder if Clancy read Dragon Strike before he published his novel, or maybe had already written the novel and was annoyed someone beat him to the punch with similar subject matter).

One more future war novel I found interesting and thought provoking was Deep Sound Channel by Joe Buff. In that one, yet another German-led axis of evil arises. The novel focuses on the hypothetical use of nuclear weapons in fairly limited and tactical ways in naval and submarine warfare.

Maybe I like these books for the chance to put my petty everyday concerns and irritations in perspective.

jeep hacker

Yes, hackers can really take over cars. Here’s a Wired article where it’s done on purpose.

Miller and Valasek’s full arsenal includes functions that at lower speeds fully kill the engine, abruptly engage the brakes, or disable them altogether. The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch. The researchers say they’re working on perfecting their steering control—for now they can only hijack the wheel when the Jeep is in reverse. Their hack enables surveillance too: They can track a targeted Jeep’s GPS coordinates, measure its speed, and even drop pins on a map to trace its route.

All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, which Miller and Valasek won’t identify until their Black Hat talk, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country. “From an attacker’s perspective, it’s a super nice vulnerability,” Miller says.

From that entry point, Miller and Valasek’s attack pivots to an adjacent chip in the car’s head unit—the hardware for its entertainment system—silently rewriting the chip’s firmware to plant their code. That rewritten firmware is capable of sending commands through the car’s internal computer network, known as a CAN bus, to its physical components like the engine and wheels. Miller and Valasek say the attack on the entertainment system seems to work on any Chrysler vehicle with Uconnect from late 2013, all of 2014, and early 2015. They’ve only tested their full set of physical hacks, including ones targeting transmission and braking systems, on a Jeep Cherokee, though they believe that most of their attacks could be tweaked to work on any Chrysler vehicle with the vulnerable Uconnect head unit. They have yet to try remotely hacking into other makes and models of cars.