War is not that far off, and cybercrime could benefit from it

by admin

The dramatic conflict we are witnessing is destined to accelerate the cyber defense process of governments and companies. We have already discussed the risk of “spillover,” that is, that a cyber weapon used by one of the warring parties could have repercussions on computer systems on a global scale.

While in Italy we are preparing to officially present the national cybersecurity strategy for the next four years, on a global level, institutions are questioning the potential effects of the conflict in the medium term.

In this regard, the words of the Secretary General of Interpol, Jurgen Stock, who believes that in a couple of years malware developed by states and cyber weapons will be available in the criminal underground, sound a disturbing warning. Speaking at the World Economic Forum in Davos, Stock said malicious code developed by governments for espionage and sabotage activities will be available in a couple of years on the main hacker forums and marketplaces hosted on the dark web.

Malware used by state actors involved in the current conflict between Russia and Ukraine represents a serious danger to critical infrastructures and organizations around the world.

Malicious actors could benefit from the circulation of this malware by analyzing its code (reverse engineering) and developing or customizing versions of it that can evade defense systems and cause significant damage to targets.

A criminal group could take a cyber weapon and use it to blackmail organizations and even governments. Another element of concern is the possibility that this code, once available in the criminal ecosystem, could be used by other groups operating on behalf of foreign governments. Access to it would offer them undoubted advantages: the malware could be used to conduct false flag operations, making the attribution of attacks complex, if not impossible.

“This is a major concern in the physical world: weapons that are used on the battlefield will tomorrow be used by organized crime groups,” said Jurgen Stock, Interpol secretary general, during a panel moderated by CNBC at the World Economic Forum in Davos, Switzerland, on Monday.

“The same goes for digital weapons which, perhaps today are used by the military, developed by the military and will be available to criminals tomorrow,” he explained.

In the first two months of the conflict, several international cybersecurity companies and CERTs observed multiple attacks on Ukrainian government entities and organizations conducted by state actors. These attacks were characterized by the use of software (called wipers) capable of destroying the target networks. The case of the attack on the KA-SAT satellite network in Ukraine, managed by Viasat, on 24 February was sensational.

The attack, carried out by cyber groups linked to Russia, caused disruptions in communications in Ukraine and also affected several EU Member States. 5,800 wind turbines operated by the Enercon company in Germany remained isolated because of the attack. SentinelLabs security researchers investigating the attack identified a previously unknown destructive wiper, which they called AcidRain, as the cause of the attack that affected routers and modems.

To give you an idea of how devastating the use of code developed by a nation-state actor can be, let’s take a look at what happened during the Stuxnet attack in 2010. Stuxnet is considered a cyber weapon developed by the United States and Israel and used to hit centrifuges at the Natanz nuclear plant in Iran. Stuxnet used a flaw in Windows systems, identified as CVE-2010-2568, discovered in 2010 during the attack. Once it became public, the flaw was exploited by several malicious codes available in the criminal ecosystem.

An investigation conducted by Kaspersky Lab in 2014, three years after the attack, revealed that the CVE-2010-2568 vulnerability had been used by various malware to affect 19,000,000 users globally over an eight-month period, from November 2013 to June 2014.

How to prevent these weapons from being carried into the criminal underground?

Stock called for strong cooperation between governments and authorities in charge of combating cybercrime, and also underlined the crucial role of private cybersecurity companies, whose information can help institutions promptly identify misuses of malware developed by nation-state actors. “On the one hand, we are aware of what is happening, on the other hand we need the data, which is in the private sector,” said Stock. “We need their reports [about cyber breaches]. Without their relationships, we are blind.”

“This information gap needs to be bridged together.”

It is necessary to follow up on Stock’s invitation. In the coming years, critical infrastructures and supply chains in various sectors will be the most exposed to attacks that use code conceived and developed in the military field and which has become public domain.
