Aardvark Daily

Please visit the sponsor!

The bullet-proof army

There's a war going on and the attackers seem to be impervious to bullets, bombs and other weapons.

These attackers have recently scored some massive wins against US targets and it seems that there's nothing the US government can do about it.

These foreign invaders are safe in their offices, thousands of Km away from US soil but their attacks have not gone unnoticed and the damage is escalating rapidly.

What am I talking about?

I'm talking about cyber-attacks being undertaken by state-funded operators against key stores of US data.

As detailed in this story it appears as if Russian hackers managed to get past the security systems and download huge amounts of sensitive data from US federal government agencies without (until now) being detected.

Just a few short years ago, such a move would have required highly trained spies to physically breach the security of government buildings and photograph hundreds of thousands of pages of documentation -- an audacious and ultimately impossible task.

THanks to today's modern "connected" world however, the same result was achieved by a bunch of clever hackers who likely never even left their offices in whatever building they occupy in the heart of the former Soviet Union.

No risk, no sweat, no worries... at least from the Russian side of things.

The exact impact of this raid is yet to be determined or disclosed but obvioulsy it's not good, not good at all.

If this data had been obtained by way of a physical raid on those federal buildings then I suspect it could almost have been seen as a catalyst for war but, because it was done silently, covertly and secreatly over the internet it becomes just "one of those things" I guess.

While I'm sure there are those within the US administration who will be quick to villify Russia and express outrage at this violation of their cyber-borders, you can bet your bottom dollar that the CIA, NSA and a bunch of other perhaps unmentionable US government agencies are just as busy trying to break through Russia's cyber-defenses. Likewise they'll be working very hard to get their hands on the secrets of other non-aligned governments in countries around the world.

The cyber-war started years ago and shows no signs of abating.

It is a sad reality that the power of the Net has also created huge vulnerabilities to both governments, corporations and individuals alike.

Just this week alone the news-wires are abuzz with stories such as:

• SolarWinds hackers have a clever way to bypass multi-factor authentication
• ~18,000 organizations downloaded backdoor planted by Cozy Bear hackers
• When a top cybersecurity firm gets hacked, what is the takeaway for the average netizen?

and many more.

The beauty of hacking as a way of obtaining data, credentials and money is that the hackers know they have a *much* lower chance of getting caught than a burglar or armed robber might. Skilled hackers can easily hide the trail that might otherwise lead back to themselves and thus carry out their crimes with perfect anonymity and safety. There's everything to gain and nothing to lose.

So how do we effectively mitigate this risk?

It would very much appear that cyber-security is just another game of whackamole. If the US federal government can't secure their data, who can?

Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column

Rank This Aardvark Page

Change Font