By Rachel Ehrenfeld
American Center for Democracy
Rising geopolitical tensions have led to a constant barrage of cyber hacking into the U.S. government, industries and businesses. The recent attack against California-based Sony Pictures Entertainment marked a turning point. It was the first officially acknowledged destructive coordinated cyber-attack against a U.S.-based corporation.
This led to Monday’s FBI confidential “flash” report warning to businesses, explaining that the malicious software overrides all data on hard drives of the computers, and the master boot record. “The overwriting of the data files prevents the computers from booting up and makes it impossible to recover the data using standard forensic methods,” the report said. And while the FBI did not identify U.S. companies that suffered such destructive cyber-attack, or the perpetrators, Iran deployed a similar attack against Saudi Aramco, and North Korea used similar destructive malware against South Korea in the past, and now against Sony.
Also on Monday, the cybersecurity company FireEye reported that more than 100 U.S. companies, mostly in the pharmaceutical industry and their investment advisers have been hacked, apparently successfully. The hackers obtained information on new drug trials and may have manipulated the companies’ stocks. The hackers’ familiarity with Wall Street and their use of “native English” in the malware led FireEye’s spokesperson to the strange conclusion that the hackers were Americans or Europeans. Not necessarily.
As long as board of directors are reluctant to acknowledge such attacks and refrain from sharing the information about their attackers, it will be impossible to develop the appropriate strategies and technologies to protect their businesses and often our money. Until that happens, the economic warfare waged on American businesses through the Internet will continue to gain momentum and inflict short- and long-term untold damage.
In the meantime, the U.S. political leadership remained short-sided, passive and slow. President Obama’s effort to secure the nation’s civilian infrastructure and business was his Executive Order on “Improving Critical Infrastructure Cybersecurity” in 2013, and the follow up with the Cybersecurity Framework in 2014. The Administration and Congress were unable to reach an agreement on a cybersecurity law, and it is unlikely that they will pass the Cybersecurity Information Sharing Act (CISA), a bill that will enable private sector companies to share cyber threat information with the government and vice versa.
Yet, complete reliance on wireless technologies is becoming a reality. The more advanced the technology, the more the reliance on it and the greater the risk of interference by hacking into or jamming the systems. Each cyber attack brings new efforts to stop similar attacks, but little, if anything, is in place to detect or counter future attacks.
The perpetrators could be ideologically/financially motivated individuals, criminal or terrorist groups, or hostile states. And, as we have seen, cyber attacks not only steal information, money, or both, or paralyze communication. Cyber interference could also commandeer different components of systems to scramble information, change records and damage operations, and jamming could cause systems and communications failures that could cost huge financial losses and human lives.
When the 114th Congress convenes in January, it should pass a cybersecurity law that would not only facilitate better protection of our civilian infrastructure, but also acknowledge that we are facing a cyberwar, in which the best defense is offense.