Thursday, March 28

Russia Could Cyberattack Ukraine, Again, And Disrupt The Entire World: NPR


Security analysts worry that Russia could launch cyberattacks against Ukraine, as it did in 2017. That could compromise government agencies, banks and energy infrastructure.



SCOTT SIMON, HOST:

Russian troops are massing on the border and many Ukrainians are enlisting for military service. But an invasion on the ground is not Russia’s only option. President Putin could launch an all-out cyber attack that could affect the entire world. To understand just how devastating cyberattacks can be, you actually need to go back a few years to the summer of 2017. And here’s NPR cybersecurity correspondent Jenna McLaughlin.

JENNA MCLAUGHLIN, BYLINE: Matthew Olney remembers the day he learned of a catastrophic cyberattack in Ukraine that shut down, well, everything.

MATTHEW OLNEY: I was at Starbucks and my phone rang. I was waiting in line. He was, you know, our partner on the ground in the Ukraine. And basically, the first words out of his mouth were essentially everything is wrong. Nothing is working.

MCLAUGHLIN: Russian military hackers had targeted energy companies, banks and government agencies in Ukraine through a popular tax filing software program posing as criminals. But their goal was to cause destruction. Olney’s team of threat intelligence researchers at technology company Cisco was working with Ukrainian authorities to track down the malicious hackers. While the Ukraine was the intended target, the nasty code got out and spread to companies around the world, costing them billions of dollars.

OLNEY: So the attack was clearly not just on Ukraine’s infrastructure, but on Ukraine’s very ability to deal economically with the world.

Also Read  Colorado beats Calgary in clash of West division leaders

MCLAUGHLIN: Ukraine has been a punching bag for Russian cyberattacks for years, but things have heated up lately as Russian President Vladimir Putin sent a large number of troops and equipment to the border. Everyone is on edge.

VIKTOR ZHORA: We understand all the risks related to possible cyber attacks that may occur in the near future.

MCLAUGHLIN: Viktor Zhora is a senior cybersecurity official in Ukraine.

ZHORA: And our task is to be prepared for this, to understand all the risks and to be prepared to resist.

MCLAUGHLIN: Zhora is leading an investigation into a recent breach. Possible Russian hackers defaced dozens of government websites and destroyed several computers in government agencies. The websites are backed up and the damage has been contained. But Zhora says the intelligence gleaned from the attack could be valuable, particularly when it comes to critical infrastructure in the energy sector.

ZHORA: Ukraine has a long history of being targeted by cyberattacks and in particular in the energy sector, as happened in 2015 and 2016 with attacks on power grids. And now we use this experience and new technologies and awareness to provide resiliency.

MCLAUGHLIN: Says Ukraine has new cybersecurity requirements for key public facilities. The state department has people on the ground who help build the technical capacity for you. But it is a great challenge. Pirated and vulnerable software is still extremely popular in Ukraine, and Russian hackers are very hard to keep out. Remember that NotPetya attack? It is not just a nightmare that Ukrainians hope will not be repeated. It is also a warning to the rest of the world.

Also Read  Russian prosecutor in Brittney Griner case asks for 9-and-a-half year sentence

VISHAAL HARIPRASAD: It really reminds you of the 2017 industry and the NotPetya attacks. And, you know, that was the last major cyber event before the ransomware epidemic really hit a lot of people. Therefore, it is the most important thing for many insurers.

MCLAUGHLIN: That’s Vishaal Hariprasad. He goes by the name V8 and is the CEO of Resilience Insurance. He says the industry is preparing for the possibility that the escalating situation in Eastern Europe will not be contained there. But, as in Ukraine, he hopes to have assimilated the lessons of the past. During NotPetya, hackers exploited vulnerabilities that had patches available. And companies that had kept their software up to date were protected.

HARIPRASAD: So what we’ve been sharing with a lot of insurers is not to worry too much about who’s necessarily pulling the trigger. From a business perspective, if you’re going to get caught in this crossfire, do your best to patch, to make sure you’ve addressed the right vulnerabilities.

MCLAUGHLIN: And as an added layer of protection, the US government has put out some advisories specifically about the favorite tools and tricks of Russian hackers. Additionally, the DHS cyber agency CISA says businesses need to be careful about digital traffic coming from Ukraine amid the current crisis. Jenna McLaughlin, NPR News, Washington.

Copyright © 2022 NPR. All rights reserved. Please visit the terms of use and permissions pages of our website at www.npr.org for more information.

Verb8tm, Inc., an NPR contractor, creates NPR transcripts on a expedited delivery basis and produces them using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authorized record of NPR programming is the audio record.

Also Read  'Huge mistake': DeSantis' migrant transports could undercut support in South Florida


www.npr.org

Leave a Reply

Your email address will not be published. Required fields are marked *