An excerpt from the 2019 book “Sandworm,” by WIRED senior editor Andy Greenberg, reads like a whodunit of sorts, in that a crime — the hacking of the IT infrastructure at the 2018 Winter Olympics in Seoul, South Korea — was carried out by unknown cybercriminals.
Spoiler alert: The Russians did it. Specifically, Greenberg writes, NSA and CIA sleuths pinned the misdeed on a unit of the Soviet military intelligence agency known only by the number 74455. It is the same outfit that interfered in the 2016 U.S. election, and is indicative of the widespread vulnerabilities that face not only every individual but every organization.
Greenberg notes that the Russians have also conducted a cyberwar in concert with their real, live conflict with Ukraine, successfully infiltrating not only various government agencies and utilities since the war began in 2014, but also various Ukrainian companies and some LGBT activist groups. In addition, he writes, North Korean hackers successfully breached Sony Pictures in 2014, when that organization produced a comedy about the assassination of Kim Jong-un.
Domestically, we have seen cities such as Atlanta and Baltimore victimized by ransomware attacks in recent years; in fact, some 170 U.S. municipalities have fallen prey to such attacks. Hackers also breached the computerized controls of the Bowman Dam in Rye, N.Y. in 2013 — seven members of Iran’s Islamic Revolutionary Guards Corps were charged — as well as an autonomous vehicle and various home appliances.
The point here is that we live in a world of increasing innovation, but also increasing vulnerability. No one can be too safe, or too alert.
Greenberg writes that in the case of the Seoul Olympics, staffers worked feverishly through the night following the opening ceremonies to rebuild the domain controllers — i.e., the very foundation of the IT infrastructure — and succeeded in doing so courtesy of a Hail Mary: They took the entire system offline, and created an antivirus signature. And the Games, which began the very morning they accomplished all that, went off with minimal technical issues.
Still, the malware used in the attack was sophisticated enough that analysts were stumped for a time as to who was responsible. Was it North Korea? China? An analyst in Washington, D.C., named Michael Matonis finally concluded, after examining a Word document used in the attacks, that it bore all the earmarks of what was used in the Russians’ infiltration of Ukraine.
The implications, Greenberg writes, are many. Say a similar attack is carried out on a country with less sophisticated means of detecting its source, and that the country in question suspects a long-time antagonist is involved (think China and Taiwan) and decides to shoot first and ask questions later. It could alter our world in an instant. As Jason Healey, a researcher at the Columbia School for International and Public Affairs, told the author, the Olympic attack could be “a harbinger of what conflicts of the future might look like.”
Companies and individuals are no less aware of the risks. It is estimated that businesses will spend some $131 billion on information security or risk-management systems in 2020, an amount that is expected to rise to $174 billion by 2022. And a 2018 Gallup poll revealed that Americans are more worried about the prospect of cybercrime than violent crime. Not without reason, either; the website thebestvpn reports that over 1.76 billion user records were leaked in the early weeks of January 2020 across the globe. That same site notes that nearly half of all leaks are due to malicious attacks, and that ransomware attacks will cost companies an estimated $11.5 billion this year alone.
Adding to the concern, the New Yorker’s Sue Halpern writes, is the advent of 5G — i.e., the fifth generation of wireless technology. Already introduced to varying degrees by all four major carriers in the U.S., it is expected to be more widely disseminated in 2020. It has been touted for its speed — it is estimated that it will be as much as 100 times faster than 4G technology — as well as its decreased latency, meaning it could propel the Internet of Things (IoT) significantly.
Such innovation brings with it promises of $12 trillion pouring into the global economy by 2035, according to Halpern, as well as 22 million new American jobs, and of heralding the start of the fourth Industrial Revolution. The sizable caveat, however, is that more interconnected devices also mean an increased attack surface; in other words, the bad guys have a larger target than ever. Consider 5G’s limited range, just for starters. Its signal goes no further than 1,000 yards, meaning relays will be needed everywhere. If one is placed on all 13 million telephone poles in the U.S. — at an expense of $400 billion, by the way — that will lead to a lot of potential soft spots.
And consider some of the larger worries mentioned by Halpern — rollbacks in security by the FCC and the looming presence of the global 5G leader, a Chinese company called Huawei. The company is suspected of being aligned with that nation’s security apparatus, and its hardware has been banned not only in the U.S., but also in such nations as Australia, New Zealand and Japan. It is, however, used in Canada, Mexico and some European countries, and its software is part of the systems used in various places, even those nations where Huawei has been barred.
The defenses against hackers, then, are far from impregnable. It is estimated that cybercrime will cost as much as $6 trillion around the globe by 2021, twice as much as in 2015. Smaller U.S. cities are particularly vulnerable to ransomware attacks like those that hit Atlanta in 2018 and Baltimore in 2019; neither city paid the hackers, but each was left with sizable costs to rebuild its IT infrastructure.
What to do, then? The countermeasures the website Cipher lists for cities sound a lot like the advice that might be given to an individual: Back up your data; stay current with updates; install security software; be wary of email, etc. Individuals are also urged to use passwords generated by a password manager and multifactor authentication, while also installing anti-malware software on all devices.
Larger organizations, particularly those in the telecommunications, consumer products and banking industries, are increasingly turning to artificial intelligence for cybersecurity. In all, 69 percent of senior executives see AI as the route to go in this case.
The point is that the hackers are getting more sophisticated by the day, and it is important for all of us, regardless of station, to remain vigilant and proactive.