“I am your enemy, the first one you’ve had who is smarter than you. There is no teacher but the enemy. No one but the enemy will tell you what the enemy is going to do. No one but the enemy will ever teach you how to destroy and conquer. Only the enemy shows you where you are weak. Only the enemy tells you where he is strong. And the only rules of the game are what you can do to him and what you can stop him from doing to you . . . From now on you are always about to lose.” “Ender’s Game,” Orson Scott Card.
There Are Now Five Arenas In Which To Fight A War
Ender’s Game, by Orson Scott Card, is a book that I enjoyed and learned from, and today I am reminded of a quote from that book that has stayed with me. I am not a fan of fear-mongering, but I am a student of history. As I digested the latest news from Europe today, this quote (above) kept coming to mind. The U.S. has promised crippling sanctions against Russia if that country initiates an all-out war on Ukraine. It is also a common expectation that, if sanctions are imposed, then Russia will strike against the U.S. with cyber attacks. There are now five arenas in which war can be waged: land, sea, air, space, and technology. Just in 2021, we saw ample evidence of Russia’s ability to implement war through technology.
Have You Already Forgotten Colonial Pipeline from May 7, 2021?
Colonial Pipeline is an American pipeline system that sends gasoline and jet fuel from Houston, TX to the southeastern and east coasts of the United States. On May 6 of last year, a multi-stage attack began against Colonial’s IT systems. In just two hours, cyber thieves stole 100 gigabytes of company data. The next day, the network was infected with a strain of ransomware that first impacted the accounting and billing protocols. In a proactive move, Colonial shut down the system on May 7 to avoid the further spread of the virus. This shutdown caused fuel shortages for airlines, disrupting flight schedules both domestically and globally. It also caused a gas panic in southeastern states, creating a spike in gas prices and long lines at the pump. The President declared a state of emergency. Colonial Pipeline paid the ransom of 75 bitcoin, or about $4.4 million. It took five days to get the pipeline back up and running on schedule. Multiple investigations indicate this cyber attack originated in Russia or Eastern Europe. Russia denied any involvement.
Did You Forget The Kaseya/REvil Breach On July 2, 2021?
I posted about this on July 7, 2021, on Aptica’s website, “REvil Ransomware Strike Hits Too Close To Home.” In this cyberattack, the notorious group REvil, also tied to Russia, infiltrated numerous IT support companies and their clients’ companies. Over 1500 companies that were using tech management software produced by the American company Kaseya were impacted. While Aptica was using some Kaseya products, none were involved in this significant breach. President Biden made a phone call to President Putin stating that even if Russia denied involvement, Putin was expected to do something about the REvil group. On July 13, 2021, REvil and all its infrastructure disappeared from the internet. On July 23, Kaseya received a universal decryptor tool from an unnamed “trusted third party” to help victims restore their systems (Wikipedia). Although our clients were not affected, this attack motivated Aptica to further build up our protective services.
We Have Seen That Russia’s Cyber Threats Are All Very Real
How can you know if you are prepared for cyber attacks?
- Are all your systems fully patched and secure?
- Do you have some form of up-to-date antivirus software running on all systems?
- Are you using “Zero Trust” proactive software (which won’t allow executables to run without permission)?
- Are you running “Detection-based” reactive software that can instantly raise an alarm if malware is discovered?
- Are all your switches, firewalls, and access points fully patched?
- Do you have a plan for what to do if you get into work tomorrow and your technology is upside down?
If you aren’t sure about any of this, you can give us a call at Aptica. If you don’t have a clue about the preparation questions just asked, then you definitely should give Aptica a call. Realize that if/when Russia attacks U.S. technology, it will also open the door to attacks from all other bad actors from around the world (think China). Attacking the American economy can be just as deadly as bombs and bullets. Fight back. We can help arm you. 260.243.5100
Jason Newburg, 260.243.5100, ext 2101, is the founder and owner of Aptica LLC. This IT management and support company has been serving small to medium-sized businesses for 20 years in the region that includes Angola, South Bend, and Fort Wayne, IN; Battle Creek, MI; and Toledo, OH.