20 October 2017

Raising the Consequences of Hacking American Companies

In early October, lawmakers were attempting to glean information from Facebook and Twitter about Russia-backed bot accounts deployed to interfere in the 2016 U.S. election. At the same time, U.S. businesses and critical infrastructure face a distinctive state-cyber interference threat of their own. In May of this year, the “WannaCry” cyber-attack took the world by storm. For many ordinary people, it was their first encounter with the phenomenon known as ransomware. The hackers hijacked computers across the globe—from Britain’s National Health Service (NHS) to FedEx—and demanded that the owners pay to recover their data. Perhaps the most noteworthy aspect of the attack was WannaCry’s source, which the UK’s National Cyber Security Centre and private U.S. cybersecurity researchers have suggested is North Korea.1 A few weeks later, another purported ransomware attack named NotPetya emerged, this time mostly affecting Ukrainian computer networks. Through NotPetya ostensibly sought to extort its victims, some researchers quickly concluded that the malware’s true purpose was to harm the devices it infected. The Ukrainian government blames Russia for the hack, which Ukraine claims was politically motivated.2

No comments: