TOBY SHAPSHAK: Cold War 2.0: set in cyberspace

The latest hack involves a network supplier you’ve never heard of — whose weak security was targeted to reach bigger fish

Cybercriminals are targeting start-ups in Africa and the Middle East. Picture: REUTERS/STEVE MARCUS

Miami was in the news for all the wrong reasons last week. First that tragic collapse of a condo and then, on Sunday, it was revealed that a little-known Miami company, Kaseya, had been hacked.

It makes software to help manage other people’s networks, and hackers gained access to these networks, where they installed ransomware. This is a similar modus operandi to the SolarWinds hack last December that allowed Russian hackers access to US agencies and about 100 companies, albeit without the ransomware.

Kaseya’s hack is as audacious. "Someone was willing, determined, and had the resources to build this attack chain, and it’s not a trivial chain to build," said Frank Breedijk, of the Dutch Institute for Vulnerability Disclosure, which had detected and alerted Kaseya to the vulnerability.

"You have to know what you’re doing to make an attack like this work," Breedijk told Bloomberg. REvil — the Russian hacking group responsible — has reportedly demanded $70m in bitcoin to decrypt the locked-out systems.

The same group is also thought to have blackmailed US meatpacking giant JBS SA following a ransomware attack in May. This comes just months after the Colonial Pipeline hack, which threatened fuel supplies in the US.

Nobelium, the group behind the SolarWinds attack, according to the US, is also Russian, part of the Federal Security Service. It resurfaced last month with an additional hacking attempt using a Microsoft worker’s computer and gained access to three accounts.

Even the social network created by an adviser to former US president Donald Trump, a Twitter clone called Gettr, was hacked last weekend.

If you notice a distinctly superpower-themed trend, it’s because the third world war, as science-fiction writers predicted, will be fought online.

Welcome to Cold War 2.0 — set in cyberspace. In this battlefield, why (if you’re Russia) invade your neighbour (Ukraine) when you can wreak havoc by hacking its power grid?

The elite troops in this new Cold War are not special forces or fighter pilots. They are geeks with exceptional hacking skills, powerful computers and fast internet. The gangs they work for are so sophisticated that some have offices and pay taxes, cybersecurity guru Eugene Kaspersky told me.

State-backed hackers — of which China, North Korea and Iran have teams — have been involved in other significant hacks. Such warfare is an evolution of the guerrilla tactics that have defined so many modern battles, where a smaller force can act more nimbly against a bigger army.

Here, hackers have plenty of time to poke for holes in a target’s armour as well as that of its network suppliers with weaker security. And there is the added bonus of being able to infiltrate commercial networks which may have corporate secrets to steal.

Welcome to Cold War 2.0.

 
