Mass-scale cyber attack warns of a dangerous time
Not too long ago at the tail end of 2020, the United States observed a perilous cybersecurity breach affecting multiple Fortune 500 companies and top government agencies. The attack, of course, was the SolarWinds breach.
While such attacks like SolarWinds brought cybersecurity problems into the forefront of mainstream discussion, it’s been eclipsed by other strikes. In fact, another ransomware attack, perhaps the largest to date, has taken center stage as the next “top threat.” Unfortunately, it signals that breaches and attacks of this nature could become a new standard.
The Kaseya Attack
In a nutshell, the breach exploited a zero-day vulnerability. Exploits of this nature, its noted, are typically carried out by nation-state actors with the expertise and resources to take advantage of them. But the Kaseya attack demonstrated otherwise.
The reality is ransomware gangs and malicious actors have the capital to match government agencies, and while not at the same level of say China, the UK, or US, they still possess considerable wherewithal.
The Kaseya attack resulted in roughly 1500 computer systems getting locked by ransomware encryption with a total demanded ransom of $70 million. This makes it one of the largest ransomware attacks to date, until another potential strike of even larger stakes comes along.
Because ransomware gangs and threat actors gain such lucrative earnings. It’s only natural they’ll be emboldened to continue similar strikes in the future. Hackers even deploy simple methods and tools for their attacks. For instance, the Colonial Pipeline fiasco occurred as a result of spear-phishing, an attack strategy that has existed for well over a decade.
Suppressing future attacks
Of course, creating resilient infrastructure and thwarting cyber attacks creates a complex web of problems. For example, attacks like Kaseya emerged from parts of Russia. Natural, Kremlin regulatory action would be a welcome deterrent for additional outward-facing attacks. But it’s no surprise Putin’s political body benefit greatly from causing having amongst his international foes, the United States included. While there’s a tentative stance of agreement between the nations, Putin’s administration has little to lose if opponents deal with financial and social havoc caused by cyber strikes.
But even beyond that, a hypothetical crackdown on ransomware gangs like REvil creates no guarantee attacks of a high caliber will stop.
It doesn’t mean the United States will turn a blind eye to these continued attacks. With strikes against critical infrastructure, businesses, and people continue, the Biden administration will escalate its threat response. Military level cyber response has been discussed before in an effort to target and dismantle ransomware gang operations if the Kremlin government takes limited or no action. It does not guarantee that the disolution of such gangs is permanent, only that its an escalated response.
Still, the fact remains: hackers see a clear value between time investment versus gains. That is to say, said investment is entirely worth it, since the payout could reach the tens of millions.
Going forward
The biggest takeaway from strikes like the Kaseya attack herald a future wrought with similar ones. Large scale with even more at stake could in fact become the norm. And, with a world increasingly reliant on technology, it’s hard to see why the trend won’t continue.
While protective measures continue to be set in place, how ready the world is for “common mass-scale cyber-attacks” remains to be seen.
