Tomorrow’s battle lines are drawing much closer to home…
The Final Word: By Buck Sexton
If you’re not worried about imminent, catastrophic computer attacks on U.S. soil – like the recent hacker attempts to probe American nuclear facilities – you should be…
For years, policymakers and pundits alike have cautioned that unless critical steps are taken, it’s only a matter of time before we suffer the equivalent of a “Cyber 9/11.” In recent months, Congress has held numerous, ominous hearings about cyber warfare in the 21st century. And concerns are growing over Chinese and Russian hacking capabilities.
Add to this the recent polling that shows a majority of Democrats reportedly believe President Donald Trump colluded with Russia to “hack” our last national election. Cybersecurity is now at the heart of the most rancorous political environment since President Nixon.
Nonetheless, most folks continue to go about their lives without losing sleep that the Russkies are about to hack the grid and plunge a major U.S. city into darkness or that China will shut down our air-traffic control any minute for the heck of it. The Internet as a battleground of great power politics is mostly left for Pentagon experts and tech geniuses.
Those of us who still have trouble connecting a printer to Wi-Fi (guilty as charged) aren’t about to step up to the front lines of the cyber war. It would be tough to go code-to-code with shadowy hacker activists (“hacktivists”) from your aging MacBook that freezes regularly.
But cybersecurity is now everybody’s problem…
Stealing money from a bank the old-fashioned way is dangerous. On the other hand, criminals stole $81 million from the Bangladesh central bank’s account at the New York Federal Reserve last year from the other side of the globe in a matter of minutes – no ski masks or getaway car required.
And it’s getting worse. Malware is software that disables or takes over computers. And two major malware incidents during the last two months have served as a reminder that if you’re online, you’re vulnerable to attack.
The so-called “WannaCry” attack in May infected millions of computers in more than 150 countries, including a number of major U.K. hospitals. It’s known as a “ransomware” attack due to how it seized control of devices, encrypted files, and demanded a ransom be paid via bitcoin.
Assuming victims figured out a way to make good on this cryptocurrency bounty, they were ostensibly supposed to get access to their data back. Refuse the data-nappers, though, and possibly lose access forever. Financial losses from the WannaCry attack have been estimated in the low billions.
In late June, another even more damaging ransomware cyberattack called “Petya” hit more than 100 companies in America and Europe, with the origins of the outbreak reportedly coming from a Ukrainian tax-software update.
Given recent hacking allegations, some eyes quickly focused in on Russia as a possible creator of the malware, though Russian companies including energy giant Rosneft were hit as well. The Kremlin unsurprisingly denies any nefarious online activities (but of course, comrades). Others have suggested a North Korean hand. And to be fair, the psychopathic Kim crime family has been busy firing missiles of late.
Regardless of the culprits, these cyberattacks are harbingers of a new era – one in which nobody is safe from the effects of the
The sophistication of Internet onslaughts against private corporations and individuals is only going to increase. Many of the private-sector firms that specialize in preventing some malcontent in Moscow from stealing or deleting an intellectual-property fortune are warning that the worst is yet to come.
WannaCry was derailed relatively early on because some cyber sleuths based out of L.A. found a “kill switch” for the malware. It was a stroke of luck. No one can count on a repeat going forward.
The next cyberattack could be the big one.
Businesses are advised to be proactive in their countermeasures. The lifeblood of countless companies is now their data. A couple decades ago, the stereotypical chief information officer (CIO) was a back-office guy with halitosis who wrote Star Trek fan fiction in his free time. Interactions with IT support often involved some disaffected techie telling you to “try restarting your computer” for the 10th time.
Now the CIO at any large company is increasingly thrust into the role of a corporate digital-warfare specialist.
For tech companies, the title of CIO is close to CEO and CFO on the organizational chart, and their compensation is the envy of most lawyers I know. The guy or gal who can shut down or fix a distributed denial-of-service (DDoS) attack on your company’s website is more valuable with every mass data-breach incident that hits the news cycle. A good IT desk can be worth its weight in gold.
Indeed, on the expert side of the cyber equation, business is booming. Spending in the sector is estimated to be in the hundreds of billions of dollars worldwide. Given that estimated losses caused by data breaches are expected to be around a trillion dollars in 2018, it’s unsurprising to see the shift in corporate culture from cybersecurity as a side project to major priority.
Despite the flood of resources, there is only so much the good guys (“white hat” hackers, in cyber parlance) can do to stop the bad guys (“black hats”).
A big part of the problem is that very few people understand any of this stuff. Your average corporate employee in America is woefully underprepared to function in the hostile cyber world. And it is your employees – flesh-and-blood human beings – who are the biggest liability when it comes to hacking.
Many of the worst data breaches in history were not the result of some high-tech evil genius who started hacking the NASA website for fun when he was 12. No, hacking most commonly relies on what is euphemistically called “social engineering” – exploiting the overworked cubicle workers of the world to just click on one dumb thing, one time.
It’s much easier to fall prey to this type of “phishing” attack than any of us want to admit.
You are no doubt savvy enough to avoid sending your bank routing information and Social Security number via e-mail to a Nigerian prince who wants you to help him spend his fortune. But an official-looking e-mail that says “IRS request for information” or a Facebook message with “you have to see this photo Bob tagged you in” might very well get you to click on just one link.
Once you do, a skilled hacker may have the keys to your digital kingdom.
There are more grave cyber concerns than phishing schemes that lead to nuisances or blackmail. Cyber warfare could lead to actual warfare sometime this century, and nation states are in a fierce arms race to control cyberspace. But that’s not what you and the rest of the country need to worry about day to day. We pay a lot of taxes to a very big federal government and military to handle that stuff.
What should concern all of us are the seemingly endless and increasingly clever attempts to steal our information, hold it hostage, and bring companies large and small to their knees…
As a law firm, what would you pay to keep all your client records from making their way onto the “dark web”?
For a hospital, what are the medical records of every patient worth?
As an online retailer, how long can you stay in business if your website keeps getting shut down?
These are questions that everyday folks will be forced to address again and again in the months ahead.
In the meantime, don’t use “password” as your password. Enable two-factor security for your bank and brokerage accounts. And hope that the Kremlin doesn’t have special interest in your Gmail account.
Buck Sexton is host of the nationally syndicated talk radio program, Buck Sexton with America Now, heard on over 100 stations across the country.
A former CIA and NYC Police Department Intelligence Officer, Buck is also the cohost of Stansberry Investor Hour, a weekly radio show that you can subscribe to for free right here: http://investorhour.com/