Business is booming for cyberextortionists.
DarkSide, the hacking group that shut down a key US oil pipeline earlier this month, has collected more than US$90 million in hard-to-trace bitcoin from 47 victims, blockchain analytics firm Elliptic has said.
The pipeline hack ended only after Colonial Pipeline Co paid nearly US$5 million in ransom to regain control of computer systems needed to supply gasoline to much of the eastern US, and was widely dubbed a “wake-up call” to batten down loose digital hatches.
Following the subsequent release of US President Joe Biden’s new “Executive Order on Improving the Nation’s Cybersecurity,” the US Department of Homeland Security is moving to regulate cybersecurity in the pipeline industry. The US Transportation Security Administration (TSA) is expected to issue mandatory rules and reporting requirements for safeguarding pipelines against cyberattacks.
However, there are key gaps. In all the recent reporting on cyberattacks, there has been scant coverage of how they actually occur. You would almost think that bad guys are breaking into corporate data centers in the dead of night armed with sinister thumb drives, or sneaking lines of malevolent code past snoozing information security officers. It is as if malware materializes spontaneously on a server, then worms its way in to seize control of operational assets.
Companies are reluctant to correct the misimpressions by discussing the details of a breach, because it makes for terrible press and inevitably reveals some sloppy security. The absence of information creates a sense of bystander apathy, leaving many in the industry unprepared for the next attack.
In real life, corporate servers are often breached through remote login services as employees connect to the office from compromised home networks. Once an attacker has gained initial access to an enterprise network, other hacking tools can be used to exploit software flaws and infiltrate critical control systems. The rise of remote work during the COVID-19 pandemic has drastically increased these attack surfaces.
Most people do not think of their personal computers as vectors for infectious malware, but that is what they are. Laptops are thought of as places to store private photographs and files, and manufacturers tend to downplay the vulnerabilities. It came as a surprise last week when Apple Inc senior vice president of software engineering Craig Federighi admitted that Mac has a malware problem.
According to Federighi, there have been 130 types of Mac malware in the past year, one of which infected 300,000 systems.
All this is coming from a company that historically advertised its machines as a more secure alternative to Microsoft Windows.
Brutal honesty could encourage greater consumer vigilance. In 2016, the comedian John Oliver featured a satirical clip of Apple engineers scrambling to put out fires and patch software vulnerabilities while a malicious hacker steals intimate photos from user devices. It is a fairly accurate depiction of the challenges of information security, where a few engineers must hold off potential hackers in 24 different time zones.
The lack of transparency is not just the fault of corporate public relations. Software vulnerabilities are often kept secret for national security purposes. Nobody likes to talk about it, but the US government exploits security flaws all the time for intelligence-gathering and counterterrorism measures.
The US National Security Agency (NSA) and the CIA notoriously stockpile hacking tools, many of which have fallen into the wrong hands. In 2019, hackers used a leaked NSA exploit to disrupt government services in Baltimore, Maryland.
Biden’s executive order addresses part of the problem by envisioning the movement of government data and services to the cloud from local servers. A reputable cloud-hosting provider has full-time staff monitoring the infrastructure and staying on top of security updates, so newly disclosed vulnerabilities can be patched immediately.
This might be sensible for government agencies, but perhaps not the private companies operating critical infrastructure. The cloud computing market is dominated by three players: Google Cloud, Microsoft Azure and Amazon Web Services.
Greater dependence on tech giants would make the Internet more susceptible to catastrophic failure by reducing the number of prime hacking targets. A distributed communications system, by contrast, should be able to survive a nuclear strike; now, malfunctions at major cloud-storage providers can disable service for the entire country.
Also, people concerned about the increasing monopoly power of big tech would have their own reasons to object.
The TSA’s new cybersecurity rules would probably draw from the Cybersecurity Framework maintained by the US Department of Commerce’s National Institute of Standards and Technology. The framework was prompted by an executive order signed by then-US president Barack Obama in 2013 and establishes industry best practices for cyber-risk management, but adherence has been limited because implementation requires a huge investment.
Security measures are easy to undervalue because the consequences of sloppiness are unknowable. Laziness is a competitive advantage until the day the bad guys strike.
Even with TSA-enforced security standards, the industry would benefit from greater transparency about breaches and software vulnerabilities. Cybersecurity ultimately comes down to human behavior, and people are prone to cut corners when they underestimate risk. The worst outcome would be for cybersecurity to turn into a checkbox-ticking exercise like the pointless ritual that we suffer at the airport.
Elaine Ou is a Bloomberg Opinion columnist. She is a blockchain engineer at Global Financial Access in San Francisco. Previously she was a lecturer in the electrical and information engineering department at the University of Sydney.
This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.