Two attacks by criminal hacking gangs revealed the fragility of American cybersecurity. The first affected the security of data held by agencies such as the State Department, and the second disrupted the distribution of fuel in at least 14 states of the country.
So far there is no pattern of behavior linking the two cyberattacks, but the most important thing is that with both, the data platform of the most powerful country in the world was breached, casting doubt on whether the United States is under an unconventional siege.
That a cyberattack by a criminal hacker gang like Darkside has managed to affect the distribution of gasoline in 45% of the country worries the population of a nation that certainly has a developed military but, at the same time, has shown weaknesses in its computer systems.
The digital infiltration of the data of the largest pipeline network in the country generated gasoline shortages that affected the East Coast of the United States, where supply is only just returning to normal after the affected company, Colonial Pipeline, was forced to pay $5 million to recover the files.
The cyberattack prevented millions of barrels of gasoline, diesel and jet fuel from reaching fuel tanks in the East of the country. Panic about running out of fuel prompted millions of citizens and businesses on the East Coast to fill up their tanks, spiking demand and exacerbating supply problems.
“It will take some time for the supply chain to fully normalize,” said company spokesman Eric Abercrombie.
What happened with Colonial raises questions about how much damage hacker gangs can do to a country, either directly by affecting the population in their daily lives, as happened with Colonial, or indirectly, as when Russian hackers tapped into the computer systems of federal agencies for months.
In December, SolarWinds, which provides the SolarWinds Orion network to 300,000 customers worldwide, including the U.S. military, the Pentagon, the U.S. Department of State, the U.S. Department of Commerce, the U.S. Treasury and the U.S. Presidential Office, among others, acknowledged that it had suffered a cyberattack.
The company indicated that its system updates had been compromised by “highly sophisticated” and “extremely targeted” malicious code; the attack was attributed to Russia, which is why Joe Biden’s administration decided to deepen sanctions.
In the most recent attack against Colonial, Biden accused Darkside, which he described as “Russia-based” hackers, of carrying out the cyberattack; he said he has no evidence that Vladimir Putin’s government was involved but that he was “in direct communication with Moscow about the need for responsible countries to take decisive action against these ‘ransomware’ networks.”
In 2020 an Interpol cybercrime assessment revealed a substantial shift in the targets of attacks; they now tend to be against large multinationals, state administrations and critical infrastructure.
“Cybercriminals are creating new attacks and intensifying their execution at an alarming rate, taking advantage of the fear and uncertainty caused by the unstable socio-economic situation generated by COVID-19,” said Jürgen Stock, Secretary-General of Interpol.
More cyberattacks that expose American cybersecurity might come
Enemies of the United States have been able to expose the country’s weaknesses in cybersecurity and experts fear a barrage of cyberattacks.
“The real world is becoming digital and the pandemic has also forced a greater virtualization of the tangible world, which exposes physical systems to the network,” Padraic O’Reilly, one of the founders of the firm CyberSaint Security, told the newspaper El País.
“According to information from security firm Emsisoft, there are around two dozen major groups in the business and, last year, they moved up to $18 billion in ransomware worldwide, which is an 80% increase over 2019, spurred in large part by this virtual boost in economic and human activity that the pandemic has brought,” the Spanish newspaper notes.
In light of the increase in cyberattacks, Biden signed an executive order on cybersecurity that obliges contracting companies to strengthen their measures.
“The Colonial incident is a reminder that federal action alone is not enough,” a government official said in a call with France24 on condition of anonymity.
According to the official, public and private sector entities in the United States are “very vulnerable to sophisticated, constant and malicious attacks” and acknowledged that security breaches will be common for a long time to come.
It should be recalled that Ukraine in December 2015 suffered a cyberattack on its power grid that damaged 30 substations, leaving much of its population in the dark. This was the first of several attacks carried out by the Sandworm group, a Russian hacker gang.