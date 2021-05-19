We’re at war.
Have you noticed?
The Colonial Pipeline hack affected us directly and powerfully in Central Virginia.
But it’s only one of a number of recent cyber attacks, which are increasing not only in number but in severity, as the pipeline incident demonstrated.
“There is so much ransomware going on under the surface,” Senate Intelligence Chairman Sen. Mark Warner, D-Virginia, told the Richmond Times-Dispatch.
“I think this is the first time that it has shocked the public about how dangerous it can be,” he said, referring to the pipeline shutdown.
Despite years of warnings that America’s energy, transportation and other networks are vulnerable to such attacks, the U.S. is not well-prepared to prevent or defend against them.
That must change. The U.S. must deploy the full weight of its technical prowess and economic might to meet the threat, or risk dire consequences.
Even a brief scan of the national and international news uncovers a host of recent attacks.
The health insurance company AXA is dealing with ransomeware attacks on its affiliates in Asia, while a similar attack virtually shut down a New Zealand hospital system. And that’s on top of a breach that has paralyzed health care in Ireland.
In the U.S., such criminals recently released personal data and other information that they had stolen from the D.C. police department in one case, and from a Florida school system in another. Both times, the victims had failed to pay the ransom demanded for release of the kidnapped files. Publishing the data, which puts employees and others at risk of identity theft, was a means of retaliation.
And all this a year after the massive SolarWinds attack put us on notice that we needed to step up our defenses. That attack affected major companies such as Microsoft and Intel all the way up to critical federal agencies such as the Treasury Department and the Pentagon.
Many of these cyber attacks are being carried out by “Russian speaking” criminals, according to those who have dealt with them. But we can take that a step further: Many of these criminals are likely being sponsored by the Russian government.
Suspected involvement of the Russian foreign intelligence service in the SolarWinds hack was among the provocations causing President Biden to impose U.S. economic sanctions on Russia.
That’s punishment, which is good and necessary: It shows Russia that the U.S. won’t tamely accept its treacherous meddling.
But what we need is prevention, so that Americans won’t be subjected to these attacks.
We’ve got to be smarter, quicker, better prepared than the bad guys.
We’ve done it before when danger threatened; we can do it again.
Part of the problem, of course, is that the ransomewear attacks often target private companies, which not unreasonably wish to keep their troubles and vulnerabilities private. But that results in a lack of shared information or coordinated approach to such attacks.
In response to the Colonial Pipeline hack, Biden issued an executive order addressing the sharing of information between the government and private companies. Warner said he’s considering legislation to bolster such cooperation.
The Biden infrastructure proposal also contains suggested funding for cybersecurity.
But these are small steps compared to the massive response that is needed.
Consider again America’s vulnerabilities:
Attacks can — and now have — shut down major infrastructure networks. Each successful attack gives criminals more confidence, and more experience for the next hack. These attacks could have crippling effects on personal data privacy, personal safety and even national security.
We’ve already had warning after warning. We need a national, coordinated mission to outthink the bad guys, to get ahead of them rather than trailing behind.
This is a form of warfare. And we can’t afford to lose.
Information link: https://www.npr.org/2021/04/16/985439655/a-worst-nightmare-cyberattack-the-untold-story-of-the-solarwinds-hack