Cyber-attacks and threats seem to be dominating the news lately as hackers are finding ways to exploit security weaknesses in governments, companies, healthcare organizations, and personal home devices. The new breed of attacks is now taking data and entire systems down and demanding ransom payments in the tens of millions of dollars.
According to the U.S. Government’s Cybersecurity and Infrastructure Assurance Agency (CISA): Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid.
These attacks will quickly have an outsized impact not only on the entity attacked, but also on consumers, who will bear the brunt of the cost.
Ransomware attacks were up 150% in 2020 and are growing even faster in 2021, and the amount companies paid to hackers grew by 300%, according to Harvard Business Review.
This sudden increase has an undeniable connection to the increase in employees working remotely last year. The pandemic gave hacker groups the perfect opportunity to breach sensitive data because most businesses were not prepared to require employees to install the proper security protections at their home office.
It is estimated that there are between 20 and 30 billion Internet-connected devices, which include computers, tablets, smartphones, wireless Internet, and other “smart” devices, like televisions, home security cameras, and even refrigerators. More devices mean more avenues for attack by hackers.
Already in 2021, we’ve seen a dramatic increase in this activity, with high-profile ransom attacks against critical infrastructure, private companies, and municipalities grabbing headlines almost daily.
Recently the City of Tulsa discovered some servers were actively communicating with a known threat site and a ransomware attack was initiated on several City systems. According to the city’s website, “A cybersecurity incident response team was assembled to assess the threat and disconnected the affected servers. The team immediately began isolating the affected systems and the attack moved quickly through the network, prompting the team to shut down all services to halt the attack.”
The attack on the City of Tulsa’s network caused a massive disruption in many of the city’s services and was costly to resolve.
“We have multiple computers all linked together. We’re talking about hundreds if not thousands of different types of connections that the city is looking into right now,” Captain Richard Meulenberg said as he explained the situation from the Tulsa Police Department.
When a government entity is hacked, it has the potential to undermine the security of thousands of systems, networks, and services. Government hacking often depends on exploiting vulnerabilities in systems with the objective of creating chaos or, more deviously, it could have a surveillance objective. Government hacking may also involve manipulating people to interfere with their own systems. These techniques prey on user trust, the loss of which can undermine the security of systems and the internet.
The reality is most of the cyber-attacks are done by governments, and most were launched against other governments to demonstrate a state’s capabilities rather than to cause real disruption. Now that’s changed. Real damage is being done, and massive resources are being used to prevent attacks, repair damages, and claw back ransom payments.
Non-government entities have also been hacked more often and none bigger than the breach of Colonial Pipeline in late April. The Colonial Pipeline attack made such an impact because the pipeline is an important part of the national critical infrastructure system. Taking the system down disrupted gas supplies all along the East Coast of the United States, causing chaos and panic.
This attack hit close to home for many consumers and was particularly dangerous because consumers started to panic and ignored safety precautions. After the chaos receded, government officials confirmed that Colonial Pipeline’s cybersecurity measures were not up to par and that the attack may have been prevented if stronger protection had been in place.
Cybersecurity, which began in the early 1970s, has always been tied to technological advancements.