Rajinder Tumber
Welcome to part 2 of "2019: Cyber War". In Part 1, I state my belief that a major cyber attack will strike in 2019. I also begin to describe Category 1 cyber attacks, which are a national cyber emergency with consequences as severe as the potential loss of life. In Part 2, I delve into election hacking.
U.S. President Donald Trump addresses U.S. armed forces members on a Christmas Day video conference call in the Oval Office at the White House in Washington, D.C., U.S., on Tuesday, Dec. 25, 2018. Trump expressed confidence in the Treasury secretary, Federal Reserve and U.S. economy on Tuesday, moving to calm financial markets further roiled after Bloomberg News reported that the president had discussed firing the central bank’s chairman over raising interest rates.
Another area of Category 1 concerns politics and elections. Why? Because a cyber attack from a foreign government can attempt to influence the outcome of elections, and thus the leadership of a country and its people. This is a big deal! Should you care if a foreign government, domestic extremist group or an individual can push for a racist, sexist or dictatorial party to win an election and control your decisions? Of course!
Nowadays, we are seeing the use of election campaign resources to improve cyber security for a political party's operations. This was unheard of just a couple of decades ago. Do campaigns, whether in the UK or abroad, even possess the technology or expertise to defend against these cyber attacks? Of course, our intelligence agencies can assist, but with potentially thousands of candidates contesting hundreds of constituencies, the number of possible vulnerabilities for attackers are vast!
So how can a foreign government, domestic extremist group or individual affect an election? Possibilities include defacing the campaign's website, using social media to spread propaganda, and hacking polling stations.
Have elections suffered a cyber attack in the past? Yes. For example:
US: Regarding the 2016 US elections, the US Department of Justice charged twelve Russian intelligence officers with hacking Democratic officials.
Mexico: In July 2018, the website of a Mexican political party was hit by a cyber attack during a television debate between presidential candidates.
Ukraine: In 2014, Ukraine's presidential election was undermined by a cyber attack when, an hour before the results were due to be published, an image imitating the webpage with the results was placed onto an election commission server. The image claimed that a far-right, anti-Russian candidate, had won the election. The webpage was quickly disabled.
What elections await us this year? Here are just a few:
US: United States elections (November)
UK: Local elections (May)
India: General election (April or May)
Hong Kong: District Council elections (November)
Japan: The 25th regular election of members of the House of Councillors (July)
Canada: The 43rd Canadian federal election (October)
Israel: The 21st Knesset (November)
Ukraine: Presidential election (March)
Nigeria: General election (February)
Considering all these upcoming elections, we must ask what protection is being put in place to secure their infrastructure. Surely, if cyber security is not adequately addressed, a foreign attacker's vote would undermine democracy for any democratic country on our planet. What can be done about this or Category 1 cyber attacks in general? See Part 3 of this article.
Now we come to Category 2...
Category 2
Category 2 cyber attacks are deemed to be highly significant incidents, which may result in a high rate of damage but no loss of life. A report by the NCSC revealed it recorded 34 "significant" cyber attacks that demanded a cross-government response. I will mention one infamous Category 2 attack: WannaCry—the worldwide ransomware worm.
In May 2017, WannaCry targeted computers running the Microsoft Windows operating system. WannaCry encrypted the computer's data and demanded a ransom payment, payable in cryptocurrency, to decrypt it.
This attack fits into category 2 because of the immense financial impact on the National Health Service (NHS). It infected over 200,000 computers in 150 countries. These computers included government, healthcare and private systems. The NHS suffered the loss of an estimated £92 million following the attack! Within the first week of restricted access, the lost output of patient care cost them £19 million.
What can be done about Category 2 attacks? See Part 3 of this article.
Part 3 of this article is coming soon.
I am an award-winning cybersecurity specialist, blockchain investor, artificial intelligence advisor to the All-Party Parliamentary Group, university mentor, sci-fi novelist, screenwriter, and a world record-breaking poet. For more details, see: www.RSTumber.com
No comments:
Post a Comment