A "chilling" end of year in cyber space, between new risks and old "mutant" threats

03/01/17

At the start of 2017, cyber space is, as always, in turmoil. Unfortunately, this is due not only to innovations that bring well-being and progress but also to new threats that are "shaking" it and to old ones that are spreading and changing form. To try to predict what will happen in cyber space in the new year just begun, it is also worth recalling how 2016 closed.

While the new cyber-nightmare Mirai and its treacherous "offspring" (see article) claimed famous victims (for example, Deutsche Telekom) by "shutting down" entire portions of the Internet, attacks by means of ransomware (a term formed from the words ransom and malware) spread across the net, starting to "mutate" and to create major problems not only for individuals but also for operators of infrastructures more or less critical to today's digitized society. Specifically, such attacks are based on malware able to encrypt the storage media of the devices on which it is installed and unknowingly launched by the user, who is then asked to pay a ransom (which is not recommended) to receive the decryption "key" and thus regain access to their own precious data. Otherwise the encrypted device remains inaccessible and unusable.

The problem lies in the fact that the techniques used to mislead users have become increasingly sophisticated and damned insidious. Attackers now use e-mails that look more and more authentic to the user, pushing him to open attachments or websites that contain the malware. And, this being the most disturbing news at the end of the year, that malware is more and more often also able to "move" autonomously within the network it manages to sneak into (a typical characteristic of network worms), encrypting and blocking all the hard drives of the computers it finds. This "mutation" of an already known threat has already been christened ransomworm, as it combines the attack techniques of ransomware and network worms.

Another worrying aspect is that such attacks can cause very serious collateral damage when they hit the networks of critical service operators such as hospitals, banks, transport companies, energy companies, etc. An example: last Friday 25 November, following an attack on its network, the Municipal Transportation Agency (Muni) of San Francisco was forced to suspend part of its services, including ticket issuing and the management of the electronic turnstiles. Result: people in San Francisco traveled for free for almost the whole weekend, to the delight of citizens and tourists, but certainly not of Muni, which lost a lot of money. The same thing happened to more than one hospital / nursing home, and in those cases the consequences were certainly detrimental to users: visits and procedures booked weeks in advance were suspended and postponed "to a date to be determined".

Another type of attack in the limelight at the end of 2016 is the theft of money from the accounts of central banks and credit institutions. In particular, at the beginning of the year banking institutions in Bangladesh and Russia were hit hard, but they only made it known at the beginning of last December. In these two sensational electronic thefts, the equivalent in local currency of 81 and 26 million dollars, respectively, was stolen. Even the British private bank Tesco Bank was hit by hackers: small sums were stolen from the current accounts of unsuspecting customers, but together they yielded the criminals about 4 million dollars. A bad period for banks, which, in addition to being in the sights of cyber crime, are also at the center of obscure diplomatic plots.

Remaining in Russia, at the beginning of December the government authorities publicly announced that they had discovered and thwarted a plot aimed at creating severe turbulence in the Russian financial and banking system. According to the authorities, some servers located in the Netherlands, but managed by a Ukrainian company, had been programmed to spread false news about the most important Russian banks on the network, and in particular on social networks. According to the authorities, if spread, such news could have thrown investors, account holders and companies into a panic, thus causing dangerous fluctuations in the financial market. Obviously Ukraine has denied any involvement in the alleged plot which, in any case, is said not to have taken place.

And so we come to the last days of 2016 and the start of the new year, also marked by the aftermath of the cyber attacks that occurred during the US election campaign (see article). During last December, rumors were shrewdly circulated in the media about an alleged dossier that the outgoing President had reportedly commissioned from the intelligence services in the aftermath of these attacks. Press agencies around the world relayed the findings of the investigation, leaked by the usual "anonymous US intelligence officials": Russia allegedly tried to influence the American democratic electoral process, and the order to do so allegedly came directly from Putin. "Heavens above!" Denials, accusations, threats, counter-threats and counter-denials. A whirlwind of statements in the media but nothing concrete ... at least until a few days ago. In fact, the first retaliation measures taken in response to the attack on the American political and electoral system last November have recently been made public. These are sanctions with few precedents in history, at least as far as their scope is concerned: 35 diplomats (or presumed ones) expelled with their families, some IT services companies accused of supporting the attacks, two Russian cultural centers closed. In addition, sanctions were imposed on the two major Russian intelligence agencies (the military one, Glavnoye Razvedyvatelnoye Upravleniye - GRU, and the civil one, Federalnaya Sluzhba Bezopasnosti - FSB) and on four senior Russian intelligence officers found guilty of ordering the attacks in question. These are the known measures, but it has also been declared that further sanctions will be imposed without disclosing them to the public. It is understandable: the heart of US democracy, that is, its political system and electoral process, has been attacked. It is the first time in history that a state has been formally sanctioned for being found guilty of having carried out a campaign of cyber attacks.

We are therefore venturing into unknown territory: what evidence do the Americans have, and how valid is it in the light of international law? What will be the Kremlin's countermove? What will the new US president do once he is installed? Given the formal correctness of his election, is its legitimacy undermined by what has been emerging in recent days? What is the information that "nobody knows" about the affair, which the volcanic newly elected President says he knows and wants to reveal soon? But above all: will these sanctions serve to halt the escalation in cyber attacks recorded in 2016, or will they rather accelerate it?

Meanwhile, the first technical details of the cyber attacks in question have been declassified and already disseminated by the American authorities (see article), with the clear purpose of allowing other governments and private companies / institutions to understand whether they are under attack and to "unmask" Russian intelligence.

We just have to wait and see what the new year will hold. Meanwhile, on the night of last December 31, some senior intelligence executives and the leaders of the criminal organizations offering illegal services in cyber space certainly bade farewell to 2016 satisfied, as one does after an exceptional year. Most likely there was some cyber crime boss who, at midnight, enjoyed the view from a penthouse on the top floor of a skyscraper in some Southeast Asian city and who, sipping a glass of expensive champagne, anxiously wondered what other "devilry" his beloved hackers in the "technical department" would invent in 2017. A devilry that he will sell at a very high price on the black market, of course. The services of his organization, after all, are increasingly in demand.

Happy New Year.

Ciro Metuarata

(photo: USMC)