The Other Virus That Can Wreak Havoc Across The World: Ransomware
On May 7, a hacker’s note was discovered on a control room computer at Colonial Pipeline. The hackers had swiped 100 gigabytes of Colonial’s data and threatened to make it available to hackers around the world unless paid a ransom of $5 million in bitcoin. Colonial responded by shutting down its core asset, an oil and gas pipeline that travels 5,550 miles from Texas to New Jersey and transports more than 100 million gallons a day. It is the largest pipeline in the U.S.
The shutdown’s effect on gas supply and prices was immediate. Prices in Virginia spiked from $3 to $7 a gallon, and hundreds of fuel stations in North Carolina had no gas to sell. Within days, Colonial paid the hackers $4.4 million, later admitted by CEO Joseph Blount.
It could have been worse. The hacker group, called DarkSide—presumed to be from Russia—reportedly stole customer billing data. They did not disrupt pumps, valves and physical structures controlled by sensors, yet DarkSide caused billions in economic damage in the southeastern U.S in a week.
“The hacking threat is escalating globally,” says Nicole Perlroth when I spoke to her in late May. Perlroth is the chief cyber reporter for the New York Times, and the author of a deeply researched book with a scary title: This Is How They Tell Me the World Ends. Perlroth spent seven years to research and write her book. She traveled the world and opened doors to a hidden multibillion-dollar industry led by paranoid geniuses perpetrating data theft and ransomware.
“The dilemma of ransomware attacks is the asymmetry,” Perlroth explains. “Whereas shutting down a developed country’s electric grid would require the resources of a national military and be judged as an act of war, ransomware just requires a simple theft or credible threat. It can be done by loose affiliations of hackers around the world. It can be done for money—ransom amounts around the world are inflating quickly—or even by anarchists with no other motive than to poke the powers in the eye.”
“The hacking threat is escalating globally.” Nicole Perlroth
Here are the industries that Perlroth thinks are most vulnerable to ransomware attacks: banking, electric power, healthcare, military, oil and gas, transportation, and water supply. Her top worry? “When I began my research, my own fear was water supply. It still is.” Perlroth is correct—earlier this year, a single hacker tried to raise sodium hydroxide to poisonous levels in a U.S. water treatment facility. Next time, it may be a state-sponsored terrorist group, with deadlier results.
Perlroth also worries about global supply chains in energy and transportation: “I worry about smaller, privately owned companies in the supply chain that underinvest in network security because they operate on thin margins, or maybe they can’t find the talent they need.”
The threat is growing and global. Vanson Bourne, a research firm in the U.K., surveyed 5,400 IT executives in 30 countries. More than a third were hit by ransomware attacks. The majority said the attackers succeeded in encrypting their data. The average bill for rectifying a ransomware attack, considering the downtime, people time, device cost, network cost, lost opportunity and ransom paid, was $1.85 million.
The top attacked country? India. Top attacked countries in ASEAN are Malaysia, the Philippines and Singapore. But many countries, including those most suspected of sponsoring or sheltering hackers—Iran, North Korea, Russia—did not participate in the survey. World attention for the past 18 months has focused on a biological virus that has killed millions and caused trillions in economic damage. Covid-19, thanks to heroic pharma innovators, will recede. Who are the innovators that will stop the ransomware crisis?Source