The gradual shift from traditional warfare utilizing boots on the ground, artillery, and an air force to cyberwarfare techniques promoted by hackers with malware has been occurring for more than a decade. Clearly, soldiers and bombs are going nowhere anytime soon, but the use of cyberwarfare is rising rapidly. We’ve all seen Stuxnet, Flame, Shamoon, and others leveraged in precision attacks for the sole purpose of inflicting damage on enemies of the state.
For most the 20th century, warfare technology has focused on developing weapons with exponentially more destructive power, or essentially bigger bombs. In the brief period after the cold war, important international actors largely shifted their focus away from this strategy with the goal to surgically hit the target with precision, reliability, and minimal collateral damage. We saw this approach with previous cyberattacks like Stuxnet, Flame, and Shamoon. However, recent attacks underline a significant shift away from the deviously strategic.
Cyberwarfare has returned to the tactics of old — inflict maximum damage.
We’re now seeing acts of espionage and cyberwarfare with no care taken to control the collateral damage. We already know that the recent Wannacry attack was not a standard ransomware attack, but an act of cyberwarfare by North Korea. The recent Petya variant targeted Ukraine with no regard for collecting ransom or even allowing for data recovery. The malware itself had only one purpose — search and destroy. However, the intentions of the attacker were much larger — damage the reputation of the United States.
Both of these malware were using NSA exploits. It seems evident that the most recent author of Petya only included the exploit to drag the NSA’s name (and the United States) through the mud while it took down their adversary. There were other tools used to execute the attack in addition to the EternalBlue exploits, suggesting EternalBlue was only there to catch media attention. It worked — NSA’s name was front and center taking a public beating. The executor of this petya variant successfully attacked one adversary directly while defaming another.
Make no mistake, the world is being social engineered by some of the greatest engineers of our time — this is historic.
Cyberwarfare is not new, but the players are no longer mindful of the wide spread effects. If Stuxnet, Flame, and Shamoon were logical bombs with defined targets, these are “dirty” bombs with no care of civilian casualties.
Never has the need for organizations to emphasize digital security been more apparent or risk being caught in the crossfire of this new style of cyberwarfare.
Awareness and readiness are becoming more and more important regardless of industry. Stay focused, increase awareness, and most importantly, start taking action.