The Secret World of Cybersecurity
By Joshua Eferighe and Shabtai Gold
Jack Nicholson was playing the Joker, the Berlin Wall was about to fall and the first internet providers were emerging. It was 1989, and while plenty was happening on the world stage, it was also the year of the first recorded ransomware attack, which occurred when evolutionary biologist Joseph Popp mailed out 20,000 tainted floppy disks to a list that included medical professionals and organizations. Promising to give them info on AIDS, the disks instead threatened to lock files on infected computers unless the user sent $189 to a P.O. Box for the PC Cyborg Corporation in Panama. Three decades later, cyberwarfare is decidedly less playful. The Colonial Pipeline, which provides the East Coast of the U.S. with nearly half of its gas and jet fuel, was recently shuttered for days after ransomware attacks. As the White House scrambles and President Joe Biden considers executive orders to strengthen cybersecurity, it’s time to get up to speed on the digital frontier’s emerging combatants and battle lines.
cyberwarfare’s new fronts
Unspeakable Spread. German hospitals haven’t just been fighting COVID-19 over the past year. At one point, cyberattacks against Deutschland’s health facilities were so serious that police believed ransomware had led to a patient’s death. While investigators eventually ruled that the patient would have died anyway, the incident highlighted that hackers have the ability to infiltrate every facet of our lives — even sacrosanct ones like health care. In 2019, cyberattacks ranked behind only climate change and ISIS as the most feared national threat, according to a global Pew Research poll that collected information from 26 nations, including South Africa and Japan. Businesses that were proactive against cyberattacks saved an average of $2 million on data breach costs, which explains why cyber specialists are in high demand, with growth in the sector far outpacing that of other occupations.
The Next El Chapo. Kidnapping, extortion, drug trafficking — these are crimes we expect to see from billion-dollar Latin American crime syndicates. But now, Russian and Eastern European hackers are giving way to nefarious coders in regions like Brazil and Mexico. A malware called Amavaldo, which first harried financial institutions in Spain and Portugal, began attacking Brazilian banks, too, in 2019. Ploutus, a Mexican malware, has attacked ATMs, while ransomware in Colombia and Venezuela have been used to blackmail executives. That’s led to fears that major criminal organizations, like the Sinaloa Cartel, once led by Joaquin “El Chapo” Guzman, could make cybercrime a bigger part of their portfolios. Overall, Latin American banks lost $809 million in 2018, with 92 percent of them reporting digital security breaches.
Expensive Year. Hackers have also been refining an old trick. They install ransomware to hold an organization’s assets hostage, and the ransom can be steep. Cyber thieves demanded an average of $100,000 per attack in 2020, with record costs to companies, according to the U.S. Department of Justice. That led FBI officials to deem cyberattacks a national threat, with companies like Microsoft, Cisco and Amazon advocating for greater financial support and tighter oversight of cryptocurrencies often used by criminals to skirt traditional monetary systems.
Local Skirmishes. College students in Montana and California have had their data compromised in various attacks in recent years, while the cities of Atlanta and Baltimore saw their public utility systems crippled by RobbinHood ransomware attacks in 2019. Cities have turned out to be particularly vulnerable. They have small budgets and mountains of valuable information, from the data used to operate power grids to citizens’ personal data. Although federal governments can provide advice on how to handle these attacks, there won’t be meaningful change at the local level until citizens demand that elected leaders better protect their data.
Hackers Without Borders. No frontier is off-limits to hackers. Just take a look at the ones who mined Pfizer for COVID-19 data earlier this year. According to South Korean intelligence, North Korean hackers attempted to steal vaccine technology from the U.S. pharmaceutical giant. What makes the case more bizarre is that publicly, North Korea has established itself as a leader in COVID-19 denial. Even though the nation has yet to report a single case, it recently accepted 2 million doses of the AstraZeneca vaccine. British officials are hoping that a new facility opened by global comms giant Viasat in the U.K. will help the nation stave off similar attacks and protect its COVID-related government services.
Hack the Vote. Opposition parties in India insisted in 2019 that the electronic voting machines used in the country, which is the world’s largest democracy, could be hacked. Some experts considered the voting machines vulnerable, while others pointed out that there’s only a risk if the machines are connected to the internet. Either way, this debate is likely to determine how we vote in the future, and could feed fraud fears that will undermine the credibility of democracy more broadly.
Breaching the Big Leagues. The bigger they are, the harder they fall. In 2020, Microsoft, Intel and other major tech firms and global governments were hit by a sophisticated attack inserted into software from SolarWinds and Microsoft. Likely emanating from Russia, the attack, in which the malware masqueraded as a routine Orion software update, affected 18,000 customers, including major U.S. federal government agencies. The Biden administration responded with a slew of new sanctions against Russia, but the damage was already done to the United States’ cyberdefense credibility.
Nuclear Head-Scratcher. The dangers of cyberwarfare were thrown into stark relief in 2010, when Iran’s nuclear sites were attacked by malware thought to have been launched by Israel and the U.S. The most perplexing part? The nuclear sites were offline, meaning the complex computer worm must have been delivered directly into the operating systems — an impressive, if terrifying, feat.
Chris Kubecka. The half Puerto Rican, half Dutch former U.S. Air Force vet serves as a digital guardian angel, always on the lookout for global security risks from her Amsterdam apartment. She has developed cyberwarfare exercises and tackled threats for international organizations such as NATO and the European Union, and was credited with saving Saudi Arabia’s oil giant Aramco after it suffered massive losses during the Shamoon cyber offensive in 2012. A child prodigy who had learned to program by the time she was 6, Kubecka is now developing guides to help companies and their employees ensure their networks are secure.
Michael Borohovski. A New York native and the only son of Russian immigrants, the 34-year-old is the co-founder of the software company Tinfoil Security. Since its launch in 2011, his company has sold automated security tools to tens of thousands of clients, ranging from small businesses to Fortune 500 companies. Had you known the MIT grad in his youth, you would have seen this career path coming. At 9, he taught inelegant programming languages like Visual Basic and COBOL to his sister — then a college sophomore. By the time he was a teen, he was already hacking video games for the win. At least U.S. citizens can rest easy knowing he’s on their side in the cyber cold war.
Shivam Vashisht. The 24-year-old chose ethical hacking over college and today is a leading white hat hacker for several major companies, including Goldman Sachs, Starbucks, Twitter and Instagram. Born in India, Vashisht’s parents were initially concerned about him dropping out of school. But once they realized it was for a good cause — and after he used his earnings to help his dad retire and take his family traveling around the world — they got on board. Vashisht’s specialty is finding server-side and logical bugs, earning his first payday at 20. With cybersecurity specialists in high demand and companies willing to shell out for their expertise, more tech-savvy youngsters may choose this career over traditional paths like computer science.
Eva Galperin. As director of cybersecurity at the Electronic Frontier Foundation, Galperin protects vulnerable populations worldwide by writing security training materials and publishing research on malware for countries like Syria, Vietnam and Kazakhstan. Born in Latvia to Jewish parents who had fled the Soviet Union, her focus is on stalkerware — malware used by stalkers to track their victims, who are often survivors of domestic abuse. So far in her career, Galperin has launched an outreach effort for survivors of stalkerware and has shamed antivirus and security companies for refusing to act more aggressively against abuse.
Marcus Hutchins. Hutchins single-handedly prevented a terrible ransomware attack on hundreds of thousands of computers globally — including those used by dozens of hospitals in the British National Health Service — by the aptly named WannaCry in 2017. Yet, while the then 22-year-old was lauded by many, his major ethical hacking win wasn’t enough to prevent his arrest several months later by U.S. federal authorities. His crime? A code he wrote as a teenager was used in a Trojan attack. Nevermind that his whole (albeit brief) adult life had been dedicated to fighting malware. Place this hero in the “no good deed goes unpunished” category after he was sentenced to one year of supervised release, a charge that held no prison time but did raise the possibility that the British citizen may not be allowed back in the U.S.
unlikely threats … and successes
Ethiopian Intelligence. Although not known for its coding prowess, Ethiopia has long employed cyberattacks for political leverage. In 2015, amid protests, casualties and an eventual state of emergency, investigators discovered that the East African country was using spyware to snoop on journalists and advocates of the Oromo ethnic group in 20 countries. Provided to the Ethiopian government by the Israel-based defense outfit Elbit Systems Ltd., the malware could take screenshots, record passwords and operate a computer’s camera to record conversations held by targeted subjects, which included Ph.D. and law school students.
Macedonian Backfire. Government hacks can have unintended benefits too — like exposing and bringing down a corrupt ruling party that has held power for decades. At least that was how events unfolded in this small Balkan country after the Macedonian opposition party revealed the Administration for Security and Counterintelligence had been using illegal widespread internet surveillance against its citizens. Journalists, nongovernmental organizations and politicians from all parties were targeted by sophisticated software, which recorded 560,646 telephone conversations on topics ranging from government-instigated violence against demonstrators to financial crimes that had decimated the state budget.
Estonia. This northeastern European country is a world leader in cybersecurity and has developed training exercises used by the governments of Austria and Luxembourg, as well as NATO. The small former Soviet republic is perhaps more code-savvy than you’d expect. It even has an e-government infrastructure in place that emphasizes reliable digital identity and a mandatory security baseline for all government authorities. Estonia’s excess of cyber caution came after it faced what experts deemed the world’s first cyberwar in 2007. Part of the nation’s innovative recovery included setting up a unit of cyber volunteers — citizen hackers — to protect Estonian cyberspace. Now, the country of 1.3 million people is on its third national cybersecurity strategy, refining its tricks of the trade as the years go by.
Murky Waters. Water treatment plants have become a new favorite target for hackers. In early 2021, hackers tried to modify chlorine levels at a treatment plant in Florida, an effort that could have poisoned an entire town of about 14,000 if not for the watchful eye of a local supervisor who noticed that an outsider had taken control of his cursor and ramped up sodium hydroxide levels a hundredfold. Similar attacks in Israel were foiled twice last year. These breaches highlight endemic failures in the water sector’s cybersecurity, and could mark a new frontier for cyberattacks.
Bitcoin’s Rocky Start. Before Bitcoin became a mainstay on Wall Street, hacks targeting the cryptocurrency were hardly uncommon. In 2014, the Bitcoin exchange Mt. Gox, which handled about 75 percent of all Bitcoin transactions, was hacked, resulting in the loss of 850,000 coins — a tally worth approximately $47 billion at current Bitcoin valuations. The subsequent collapse of the exchange almost killed Bitcoin, as the currency lost some 80 percent of its value. But while rival exchanges saw massive sell orders, the dominant cryptocurrency has rebounded, reaching new highs in the past year.