Progression from Stealth to Damage and Disruption

A decade or two ago, hackers were infiltrating the targeted network silently; they were waiting for the perfect moment to act and exit with no evidence left behind them. Thus, their attacks were unnoticeable and even the target companies hardly noticed that they were the victims of a cyber espionage or cyber-attacks. Hackers were lurking in the shadows…

However, during the last decade hackers changed their tactics. They started performing their malicious activities publicly. They no longer cared whether their identity would be revealed or not. In fact, some of them leave traces behind on purpose to be linked back to their activity.

The Most Famous Cyber-Attack Gone Public

It is the most feared cyber-attack so far and still an active threat – the notorious WannaCry ransomware.

wannacry-ransomware

Photo by zephyr_p/Fotolia

It created a big deal of chaos around the world and increased its reputation when it encrypted files of many businesses and asked for a ransom in cryptocurrency. Even though the ransom was paid, most victims could not access their files or they ended up being a victim again.

The WannaCry ransomware emerged when North Korea – according to accusations of UK and USA – took advantage of EternalBlue. As former U.S. National Security Agency employees affirmed, EtrenalBlue was NSA’s hacking tool. EternalBlue was used to increase infection rate of the WannaCry ransomware attack.

The motivation behind the attack is still a mystery: making money or showing North Korea’s cyber force…

Weeks Later Another Attack Occurred

Initially, NotPetya targeted Ukraine but it was spread across the world very quickly. It created around $10 billion of damage. NotPetya was working as a ransomware but it had no intention to restore the files on the infected computers. Any ransom paid by the victims were useless because there was no key created for decryption. Once again, USA, UK and other countries accused Russian hackers, who are supported by their state, for this cyber-attack.

Petya-ransomware

 

Both North Korea and Russia…

… deny and reject involvement with Wannacry and NotPetya attacks. In the past, hackers remained in stealth mode. Now, scaring people and creating chaos became a part of cyber-attacks. This also created a new arena for less powerful states, who compete with economically or militarily more powerful states, to show off their cyber skills.

At the state level, cyber-attacks may not aim your credit cards or personal details but your city’s infrastructure. Such attacks have already happened. The most known example is Stuxnet malware that targeted Iran’s nuclear plant. There is also TRITON malware that targeted Saudi Arabia’s oil and gas petrochemical plant. Lastly, the attack that occurred in Ukraine in December 2016. It took down the power grids and created darkness in people’s lives and took their heating during the harsh winter conditions.

Cyber-attacks whose aim are damage and disruption will most likely become a trend in the near future.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: