Canberra, 19th June 2020: A massive cyber-attack is spreading across the world, as it causes chaos in its wake. It has been reported in global online media that “On Friday, a massive wave of cyber-attacks swept across 99 countries, with cyber-security experts claiming it could be the biggest attack of its kind ever recorded.”
The Australian media reported the following:
“Prime Minister Malcolm Turnbull insisted that even if we are targeted, the government is prepared. We are continuing to monitor the situation closely and stand ready to deal with any cyber-security threat to Australia’s critical infrastructure,” he said through a spokesman.
The attacks, believed to be part of an extortion plot, have so far created chaos in hospitals in Britain as well as the Spanish telecom giant Telefonica and the US delivery firm FedEx.
Cyber extortionists have tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings, and other legitimate files.
The ransomware encrypted data on the computers, demanding payments of $US300 ($AU406) to $US600 ($AU812) to restore access.
The hackers have not come forward to claim responsibility but a mysterious hacking organization, called Shadow Brokers, is being blamed for the attack — possibly in retaliation for US airstrikes on Syria.
In April, Shadow Brokers released a piece of National Security Agency (NSA) code known as “Eternal Blue”, as part of a trove of hacking tools they said belonged to the US spy agency.The Eternal Blue code gives access to all computers using Microsoft Windows, the world’s most popular computer operating system. The NSA had developed it to gain access to computers used by terrorists and enemy states.
It is believed that Eternal Blue, having been dumped by Shadow Brokers, was then picked up by a separate crime gang which used it to launch the extraordinary worldwide cyber-security breach.
In an internet posting, six days before it hacked the NSA and released the Eternal Blue code on April 14 — and a day after the first airstrikes — Shadow Brokers appeared to issue a warning to US President Donald Trump.
“Respectfully, what the f*** are you doing? The Shadow Brokers voted for you. The Shadow Brokers supports you. The Shadow Brokers is losing faith in you. Mr. Trump helping the Shadow Brokers, helping you. Is appearing you are abandoning ‘your base’, ‘the movement’, and the peoples who getting you elected,” the group said in broken English in a statement, according to The Telegraph.”
Many countries have cyber weaponry and cyber warfare capabilities that they have been developing over the last 20 years. These are some of the most sophisticated weapons for both offensive and defensive. The challenge with cyber warfare is the scale and anonymity of the attack. It could be a government working through a pressure or hacktivist group or it could be private cyber-criminals attacking a cause or to make money.
Other than few African countries (if any), many global superpowers have ministers of cyber-security, in addition to a specialized unit within their elite armies for cyber weapons and cyber warfare made up of some of the best brains, their countries have to offer. These people are identified from an early age and trained in all technologies to just create both offensive and defensive weaponry that could bring down a country within a day, especially if such a country is not prepared or secure. Many African country’s cyber warfare capabilities and intelligence are used for political motives as a tool to trace, identify, and isolate opponents and disenfranchised them. The national warfare and weaponry program and all tools and skillsets therein are mainly imported technology meaning that they are inadequate against any foreign state aggression or persistent attack due to limited investment in the local skillsets and national cybersecurity agenda.
I will keep updating you on this cyber-attack as it happens.
For now, remember to keep all your systems up-to-date with the latest patches and security releases. You must update your anti-virus software as well to be secure and practice the best cyber hygiene. The best defense against any attack is preparedness. Remember to read about cyber hygiene at personal and enterprise level.
The only patch to human stupidity is timely education and security awareness.
For more information on this news,
Copyright Mustapha B Mugisa, 2020. All rights reserved.