By John Mariotti.
Anyone who has read the news lately must have noticed how many instances of hacking and cyber-intrusions are being reported. The U.S. government seems to be among the most vulnerable and the Chinese are usually the presumed perpetrator. But for every intrusion that makes the headlines, tens of thousands go unreported or, in a few cases, are thwarted by prevention systems.
The problem is so severe and so pervasive that a coordinated attack similar to 9/11 is virtually inevitable. The question is not if, but WHEN a cyber 9/11 is coming. The answer, based on the acceleration of the type and number of illicit cyber-intrusions, is sooner rather than later—maybe much sooner!
For readers who have not followed this new kind of global threat, a little background information will be helpful in understanding it. Around the year 2000, the computer world was obsessing about potential problems of the “Y2K conversion.” (Computer programs/calendars had used only a two-digit year–1995 was shown simply as 95, but when the year 2000 was coming, that little shortcut would create chaos because computers weren’t able to know what 00 meant.) Systems all over the world had to be reprogrammed to protect them against this. This was the time frame when the cyber threats really started.
During this era, hackers developed worm viruses, which, once introduced into computers, could burrow into programs and hide until activated by code sent to them over whatever network they were attached to. Code Red was one of the first such pieces of malware. Then came NIMDA (Admin spelled backward), named that way since it took control of the System Administration function: a big problem, because that means control of virtually everything on that computer. These were both suspected to originate in China’s “hacker university.” Hard proof was scant, but everything found pointed to the Chinese.
Millions of user computers were infected; some turned into “zombies” that would follow hackers’ instructions, working in concert to launch widespread intrusions. In still other cases these intrusions left behind “back doors” in systems through which they could re-enter later. At other times a “Trojan Horse” form of deception was used, hiding the malware in a seemingly harmless or friendly program.
Finally, and to this day, human error in the form of “phishing/social engineering” (a sort of spoken or emailed “con” that persuades a naive or busy person to give up the critical information) yields many of the best points of cyber-intrusion. Disgruntled former employees have always been a rich source of such damaging information.
To date, efforts to limit the disruptions caused by cyber intrusions have cost companies and the government billions of (unreported) dollars and created massive risks due to secret information leaked or stolen.
These attacks couldn’t be stopped because hackers and their programs (malware) are devilishly hard to backtrack and pin down. Methods of deception have continuously been ahead of those trying to stop the attacks.
Anti-virus programs and other intrusion-blocking systems look for familiar segments of code in computer programs that are typical of an intrusion/virus/worm. Now these viruses can change (morph) slightly to avoid detection, over and over. Many could morph automatically to a new fragment of code when a defensive attempt to stop them was detected. As a result, even anti-virus is now far less effective.
The Conficker worm virus was suspected of infecting tens, and maybe hundreds, of millions of computers and programs–and it was traced to Chinese origins. Before readers conclude that China is the only large-scale hacker, note that there are scores of others. Countries like Russia have been hacking systems for a long time; Russia shut down all systems in Estonia a few years back. Recent attacks have been more varied, including one on the French government. Before Ukraine began fighting for its independence, it was a hacker haven. Even ISIS is getting into the act via the Syrian Electronic Army and its offshoots.
Many hackers form loose associations to attack targets such as large companies, banks, retailers, celebrities, or even supposedly secure government systems. Anonymous is one such well-known group, but only one of many. Crowdsourcing can form an alliance for a hack and then disband. Tracking perpetrators is difficult or impossible.
The stories are endless, including hacks of the U.S. Army battlefield control, the White House, the Secretary of Defense, the extensive US Government OPM database, the IRS, and many more, a lot of which are unpublicized (for obvious reasons). Recently one of the first widespread smartphone hacks afflicted hundreds of millions of phones running Google’s Android operating system! A common form of hacking disruption (used on financial companies and banks) is the DDoS attack, where incoming traffic originating from many different sources—potentially hundreds of thousands or more— floods the victim system.
This effectively makes it impossible to stop the attack simply by blocking a single source IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when it is spread across so many points of origin. The only solution is to shut down the system, cleanse it and reboot, making the disruptive attack a success.
Let’s go back to why a Cyber 9/11 is coming and it seems so inevitable.
The knowhow is out there. Hackers are everywhere. Rogue nations like North Korea, and militant groups like ISIS and the Syrian Army are now using Cyber-intrusions as part of their attacks. Russia is an active source of hacking intrusions, often with malicious intent. The Chinese hack everything; often not to do mischief, but rather to steal information—from plans for the F35 Joint Strike Fighter to the OPM personnel data for millions of U.S. government employees.
It is inevitable that someone, some group, some country or rogue state will create the coordinated attack—the cyber 9/11—the one that brings many critical U.S. computer-based systems down all at one time, just like the unforgettable picture of the World Trade Center Twin Towers and the third target (it hit the Pentagon, but many believed it was intended to hit the U.S. Capitol building).
The Power Grid, the Internet, all phones–cell and landline, radio & TV (including cable & streaming), Wall Street/banking/finance, Air Traffic Control, and GPS satellites upon which virtually all civilian AND military systems rely, are all readily accessible targets for a Cyber 9/11 coordinated attack.
The only questions are who, when, and how the attack will come. Cyber 9/11 is coming! Will anyone in the USA really be ready for it? I fear NOT!