[ad_1]
America’s nightmare under cyberattack is coming true now, and it won’t stop anytime soon. Both xenophobes and criminal gangsters are beating every aspect of society, from hospitals to schools to government offices.
In December alone, a ransomware attack on human resources software disrupted the operations of some hospitals operated by Ascension Healthcare, New York City’s timekeeping system. Metropolitan Transit Authority, and the government of Prince George’s County, Maryland, among others.
But this ransomware attack was far from the worst of December, as private cybersecurity companies say they’ve seen hackers sponsored by China, Iran, and other countries take advantage of the open-source logging platform Apache Log4j, a widely used piece of software.
People have warned of a cyber-Pearl Harbor and 9/11-style cyberattack for decades, but the US has so far avoided a major surprise cyberattack that cost lives and spread to other areas of society. But considering what would happen if a cyberattack sparked a war is something professionals in business and government have prepared.
“I hate to say it, I think, it’s a pretty scary thing, [and] “I hope we never experience a cyberattack that is considered a declaration of war,” said Charles Carmakal, senior vice president of cybersecurity firm Mandiant. “And I don’t know if it’s in the United States, I don’t know if I’ve seen anything that I would say should have been declared an act of war, but there have been some cases in general, other parts of the world where an act of war has been declared.”
Mr Carmakal pointed to NotPetya, Russia’s 2017 cyberattack against Ukraine, as something that could be considered an act of war in the United States. Damage globally, according to the Brookings Institution.
The rules of warfare in cyberspace are less clearly defined than in other areas.
When a cyberattack does the same amount of damage as a kinetic weapon, including things like “loss of health security, loss of national security,” National Cyberspace Director John C. Inglis told the House Oversight and Reform Committee in November, it’s usually considered an act of war. Said it was accepted. security of an important nature.”
Some cyberattacks came dangerously close to Mr Inglis’ general definition of cyber warfare.
The Biden administration said in November it had evidence that Iranian-backed hackers were exploiting vulnerabilities in hospitals. The Cybersecurity and Infrastructure Agency’s warning of the attacks said, however, that CISA, the FBI and their partners in the UK and Australia had determined that hackers were focused on exploiting known vulnerabilities in the healthcare and transportation sectors rather than picking specific targets.
The Biden administration has also accused Iranians of trying to interfere in the 2020 election, specifically targeting Republican lawmakers, Democratic voters and news outlets. Last month, the Ministry of Justice accused two Iranians of computer fraud and intimidation of voters, while the Treasury Department sanctioned six Iranian and one Iranian entities.
Such cyber operations are nothing new to Iranians, but efforts to enter politics, particularly influencing voters through prior intimidation and creating distrust in the aftermath, are a new tactic for Iran, said Jonathan Couch, senior vice president of risk intelligence firm ThreatQuotient.
“I think they learned from the Russians. Despite a lot of ongoing rhetoric, hacking elections on a large scale is one of those things that is incredibly difficult to do simply because of how we conduct our elections and how things work,” said Mr. Couch, formerly of the Air Force. “One of the things the Russians successfully exploited in 2016, and now the Iranians are getting involved, it’s more of what I’d call ‘operations of influence’, if I can’t go in and change the votes, let me try to influence voters to change their votes.”
America narrowly missed the great disasters caused by cyber problems last year. Homeland Security Secretary Alejandro Majorkas recently told USA Today’s editorial board that the February attack on a water treatment plant in Oldsmar, Florida “should have engulfed our entire country.”
A hacker trying to change the sodium hydroxide level in his drinking water has been blocked by a factory operator in the town near Tampa with a caustic solution of the liquid release agent.
According to Mr. Majorkas, the hacker had no financial motivation and only wanted to do harm.
The pressure of cyberattacks on America has made forecasts for the future look grim and has caused legislators to consider an unconventional solution akin to vigilante justice – empowering private companies to legally take a turn against aggressors.
You s. Sheldon Whitehouse, Rhode Island Democrat, and Steve Daines, Montana Republican, have proposed a hack-back bill directing the Department of Homeland Security to explore the benefits and risks of allowing private groups. authority to act aggressively.
“The status quo has failed to protect the American people from cyber attacks. That’s why I urge federal officials to think outside the box and put all options on the table.”
Giving to special groups authority fighting legally is a proposition that can find supporters in the private sector and among the victims. Mr Carmakal said he was unfamiliar with the senators’ proposal, but believed the government had an opportunity to authorize several business entities to take offensive measures against aggressors.
He stressed that no one should have the legal authority to respond, because not everyone has the necessary knowledge to do so, and this could lead to an escalation of a conflict.
[ad_2]
Source link