Whatchamacolumn: Disruptive cyberattacks come in all sizes and shapes
News of cyberattacks is so persistent that it can become white noise, distracting us from the magnitude of individual computer system assaults and catastrophic risks.
NBC News, January: FBI Director Christopher Wray warned Congress “about the growing threat of Chinese cyberattacks against U.S. electrical grids and other infrastructure,” saying, “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities.”
ABC News, February: “Hackers from the People’s Republic of China spent up to five years in U.S. networks as part of a cyber operation that targeted U.S. critical infrastructure, law enforcement and international agencies said earlier this week.” The article cited alerts from the Cybersecurity and Infrastructure Security Agency, National Security Agency and FBI about “Republic of China state sponsored cyber actors seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure.”
Wired.com, this month: “Since the beginning of this year, a hacktivist group known as the Cyber Army of Russia, or sometimes Cyber Army of Russia Reborn, has taken credit on at least three occasions for hacking operations that targeted US and European water and hydroelectric utilities.”
While global powers position themselves to disrupt their adversaries, high-tech international criminals are devastating organizations with ransomeware attacks. Reported statistics of ransomeware vary wildly, but the numbers are staggering to businesses and organization that suffer data loss, operating shutdowns and massive ransom payments.
This week, for example, CBS News reported that a February cyberattack against a UnitedHealth Group produced “$872 million in unfavorable effects” while shutting down operations of hospitals and pharmacies for more than a week. “A Russian-based ransomeware gang,” reported CBS, “claimed responsibility for the attack, alleging it stole more than six terabytes of data, including ‘sensitive’ medical records.”
All of this is prelude to mentioning our own brush with devastation this week from a cyberattack carried out the old-fashioned way: theft of equipment. Our total shutdown was avoided only through a minor miracle of timing and an immediately aggressive investigation.
For the record, the only reason you are reading a News-Register this week was due to extra-mile assistance from local IT provider Primisys, staff of building tenant Swedemom Center of Giving, and McMinnville Police Cpl. Mike Maierhofer. Our thanks go out to all of them.
Meanwhile, we are thankful for the chance this near-miss provided us for improving a few security gaps, and hope others will take that same opportunity.
Jeb Bladine can be reached at jbladine@newsregister.com or 503-687-1223.
Comments