By Melito Salazar Jr.
The spate of Internet hacking and cyber-attacks is a cause of worry, seeing how intertwined business, industry, and society, locally and globally, are in the global Internet network. When computer systems are compromised, a myriad problems and dangers are possible, ranging from one’s identity being stolen and bank accounts depleted to companies’ strategies stolen and sold to competitors.
The much publicized alleged hacking by the Russians of the Democratic Party campaign computers in order to secure damaging information which was then fed to the Trump campaign to be used and ultimately affect the results of the US elections is an example of how pervasive and significant would be the result of such attacks. The cyber-attack known as WannaCry as reported in the New York Times “ravaged computers at hospitals in England, universities in China, rail systems in Germany, and even auto plants in Japan.” The demand for ransom shows how cyber-attacks can be a fund-raising activity. In a seminar on Corporate Governance I attended in Bangkok last year, the resource person in a session on Cyber Security warned us that there may already “sleepers” in our computer systems waiting to be activated with a corresponding ransom demand. His advice was for us to pay as there was no way we could correct the situation.
The worst case, however, is when the cyber attackers are not after money or information but decide to launch terrorist attacks. Terrorists have realized that suicide attacks, damaging as they may be to a community and its pattern of normalcy, have limited impact in scope and in time. The beefing up of security surveillance and the heightened collaboration among governments is making it easier to prevent this kind of attacks. The alliance building of ISIS also brings in adherents who may not have the same level of fanaticism to sacrifice lives and would prefer to sow disorder by remote control. What would be the best approach if not to use cyber weapons, two already stolen from the National Security agency (NSA), leaked online by a mysterious group of hackers calling themselves the Shadow Brokers and inflict global destruction with a greater probability of getting away with it?
As reported in the New York Times, the WannaCry used a “hacking tool the NSA had code-named EternalBlue. The tool took advantage of unpatched Microsoft servers to automatically spread malware from one server to another, so that within 24 hours, North Korea’s hackers had spread their ransomware to more than 200,000 servers around the globe.” The attack on IDT Corporation used another stolen NSA cyber weapon called DoublePulsar, which can penetrate computer systems without tripping security alarms. NSA spies could use it to inject their tools into the nerve center of a target’s computer system, called the kernel, which manages communications between a computer’s hardware and its software. The New York Times article identifies the kernel as “at the very top of the pecking order of a computer system, allowing anyone with secret access to it to take full control of a machine. It is also a dangerous blind spot for most security software, allowing attackers to do what they want and go unnoticed.”
More disturbing is that the Shadow Brokers have resurfaced, promising a fresh load of NSA attack tools, even offering to supply them for monthly paying subscribers, as New York Times puts it –“like a wine-of-the-month club for cyber weapon enthusiast.” One shudders imagining the North Korean government having access to them; cyber-attacks will be more dangerous than their capability to launch nuclear missiles at the United States, which a string of defence rockets could bring down.
Governments should recognize the potential terrorism from cyber-attacks and band together to stamp out this danger. The United States government should ensure better security for the cyber tools that its agencies like NSA designs and immediately share the “antidote” with them. Otherwise, the whole world will be suffering a new and devastating type of terrorism.
All Credit Goes There : Source link