Blogs

In October, Mirai malware used default login credentials to compromise thousands of routers, digital video recorders, Internet cameras, and other Internet-connected devices. Mirai then created a botnet with the hacked hardware and targeted Dyn, a key provider of domain name services. The result wreaked havoc across the Internet, taking down several prominent websites and disrupting services for millions of users. Put another way, Mirai was a digital assassin who fired a sniper’s bullet at an essential Internet node. Speculation on the hack’s origin and purpose ranged from Russian cyber teams conducting pre-election disruption tests to Wikileaks supporters protesting against Ecuadorian authorities.

Notably, Mirai did not affect any Department of Defense (DoD) assigned Internet protocol (IP) addresses. Even more intriguing, this avoidance was by design. An analysis of the botnet’s source code shows the writer excluded DoD IP ranges. The analysis goes on to describe the likely author as “a skilled, yet not particularly experienced, coder who might be a bit over his head.” This assessment might be valid, but I find the humor short-lived.
In the rush to produce cost-effective connected devices, not enough focus has been placed on security measures. The cost of such inattention became evident on October 21 when hackers exploited vulnerabilities in hundreds of thousands of everyday devices, including baby monitors and cameras, to cripple the Internet. This attack was merely a sign of things to come, said a cybersecurity expert at the Atlantic Council.

“This [cyberattack] is essentially in part fueled because the economics are such that we want these technologies, we want them fast to market, we want them inexpensive, so many of these devices have incredibly low margins, [and] have no security [measures],” said Joshua Corman, the director of the Atlantic Council’s Cyber Statecraft Initiative.
In an election season marred by cyberattacks—an activity the White House has blamed on Russia—the security of voting machines is a prominent concern for voters. Such concerns could undermine voters’ faith in the system as well as the legitimacy of the result of the presidential election, the Atlantic Council’s Daniel Chiu said in Washington on October 19.

“Hackers may not even need to actually compromise voting computers or systems to undermine the people’s trust in the election results,” said Chiu, who is director of the Strategy Initiative in the Atlantic Council’s Brent Scowcroft Center on International Security. “[M]erely a credible claim of doing so could compel voters to cry foul, undermining the legitimacy of the vote, at home in the United States, and abroad,” he added.
As a consequence of our dependence on gadgets that are increasingly interconnected, securing these devices has become a “homeland security issue,” a senior US official said at the Atlantic Council on October 14, while exhorting industry and civil society leaders to address potential cybersecurity vulnerabilities.

The system of interrelating, connected computing devices with the ability to transfer data, known as the Internet of Things (IoT), “is not a trend, it’s a full-blown phenomenon,” said Robert Silvers, assistant secretary for cyber policy at the Department of Homeland Security (DHS).

The pervasiveness of IoT, from medical devices to driverless vehicles, has led to “a national dependency,” according to Silvers. Our reliance on connected devices means that “IoT security is not a public safety issue; it’s now a homeland security issue,” he added.
Humans and technology are converging in unexpected ways, and more rapidly than ever before. For instance, Tesla is integrating radar into its cars. Delta Airlines tracks luggage with microchips.

Even our home energy controls are becoming smarter. As humans increasingly inlay technology into daily life, greater interaction necessitates both dialogue and action.

We must critically examine the question of cyber security through the lens of public safety (a term of art called cyber safety). We should identify and safeguard the everyday—and often overlooked—intersections of cyber security and human activity, intersections I call “cyber life zones.”
The recently reported vulnerability in insulin pumps, while not in itself a significant threat, underscores the danger posed by hackers who could take control of medical devices, according to Beau Woods, deputy director of the Atlantic Council Cyber Statecraft Initiative.

“The risks of connected medical devices can be anywhere on a spectrum: from almost none to life and death,” said Woods. He added: “Capabilities that can save lives in the hands of a trained physician, can end life if used inexpertly or if their integrity is compromised by an intentional adversary or indiscriminate accident.”

On October 5, Johnson & Johnson issued a warning to patients that the OneTouch Ping insulin pump systems are vulnerable to a cyber hack that could overdose diabetic patients with insulin.
Increased cooperation between government cybersecurity officials and independent hacker communities can lead to streamlined and higher quality legislation for technology security measures, according to a cybersecurity expert.

“We are seeing a change from a completely adversarial relationship between the government and the hacker community and it’s starting to thaw a bit where there is a lot more cooperation now. It hasn’t completely thawed, but it’s getting there,” said Cris Thomas, a strategist at Tenable Network Security.

“Now we have groups like [the Department of] Commerce…the [Federal Trade Commission] and the [Department of Defense] who are trying to bridge that gap and trying to access that knowledge and expertise to say ‘hey come help us out,’” he added.

Russian intelligence hacked the Democratic National Committee’s network, says Atlantic Council’s Dmitri Alperovitch

Russian intelligence services hacked the Democratic National Committee’s computer network and accessed opposition research on Donald Trump, according to the Atlantic Council’s Dmitri Alperovitch.

Two Russian groups—codenamed FancyBear and CozyBear—have been identified as spearheading the DNC breach.

“We have a very high level of confidence that these are Russian intelligence services—both of them. We have a medium level of confidence that FancyBear is GRU,” said Alperovitch, a senior fellow with the Council’s Cyber Statecraft Initiative, referring to Russia’s military intelligence agency.

Alperovitch is chief technology officer at CrowdStrike, the cybersecurity firm that investigated the DNC breach. Senior DNC officials noticed suspicious network activity in April and called in CrowdStrike to identify the culprits and bolster the committee’s cyber defense.
There are “no certain links” between foreign nation states and the hackers who breached the Democratic National Committee’s computer network and accessed opposition research on Republican presidential candidate Donald Trump, according to an Atlantic Council cybersecurity expert.

“It’s possible that multiple groups independently initiated their own intrusion of the DNC network, for entirely separate reasons—that would not be uncommon,” Beau Woods, deputy director of the Council’s Cyber Statecraft Initiative, said in an interview with the New Atlanticist on June 14.

“Not all such attacks are state sponsored—it’s not hard to imagine many motivations for someone wanting to get access to the DNC network,” he added.

Cyber 9/12 contest participants present policy options to contain crisis

A cyberattack has brought nuclear-armed rivals India and Pakistan to the brink of war. An unknown adversary has hacked into a US defense contractor’s computer systems, stolen highly sensitive data, and potentially taken over Global Positioning System satellites. Fighter jets and military radios, along with commercial airlines and mobile phones, are all at risk.

As tensions escalate, non-state actors falsely claim responsibility for the cyberattack. Meanwhile, India and Pakistan inch toward full-scale war as a Pakistani missile shoots down an Indian commercial airliner that has mistakenly strayed into the airspace over the contested Kashmir region.

This was the fictional scenario laid out in a simulation at the fourth annual Cyber 9/12 Student Challenge held at American University on March 11-12. Who carried out the data breach? Were civilian GPS systems affected? Did Pakistan purposely fire the missile? These were among the many questions with which the participants from universities across the United States grappled.


    
