In the hot news of the moment, the cyberwar led by Russia to put pressure on Ukraine and its allies awakens bad memories for cyber security professionals.
In 2017, the world held its breath when a major cyber-attack had already targeted Ukraine and paralyzed, among others, one of the largest carriers in the world. Let's go back a few years to shed some light on today's events.
It began with Petya, a piece of malware (ransomware) that prevents Windows PCs from booting unless the victim pays in bitcoins.
The variant of this virus was named NotPetya by Kaspersky Lab and spread from machine to machine in corporate networks. Its use has been attributed to Sandworm, a group of hackers believed to belong to the GRU, the Russian national cyber security agency.
The attack was made possible by EternalBlue, an exploit created by the U.S. National Security Agency, disclosed during an intrusion into its top-secret file servers in early 2017.
And unlike Log4Shell, which I told you about two weeks ago, the virus spread extremely fast.
Read the breathless account of the paralysis of Danish shipping giant A.P. Møller-Maersk on June 27, 2017, on Wired (see below). Within minutes, all computers were infected, with crews unable to work even though the company operated 76 port facilities and had more than 800 ships on the seas at the time! Seventeen of the terminals were paralyzed, mobilizing 400 people from Maersk's IT teams, as well as 200 reinforcements from Deloitte, working day and night to find a solution. Terrifying.
The virus also affected Merck, TNT Express, Saint-Gobain, Mondelez, and even a Russian company, Rosneft. The White House estimated the damage to be at least $10 billion.
Not to mention the poor Ukrainians, the first to be targeted by Russian attacks, just like today. Wired's story focuses on the case of Oschadbank and cites dozens of others, including an energy company, a transit hub, 22 banks, at least four hospitals, ATMs, gas pumps, etc. A Ukrainian official estimated that a total of 10 percent of the country's computers had been wiped out.
The Internet is so embedded in our societies’ operating systems and daily lives that the potential harm is almost infinite. Attacks have already begun, including against oil facilities and the Ukrainian government. At the same time, like all viruses, malware is difficult to control and goes far beyond the initial target.
📖 What does this remind me of? Of Ashes, Ashes, by René Barjavel, a science fiction novel published in 1943. It's the story of the collapse of a society resolutely oriented to technology, where electricity disappears one fine day, causing chaos. A visionary, Barjavel, considered one of the fathers of science fiction. If you haven't read it, I recommend it.