A teenager with a laptop in the remotest part of the world could cause more financial and human damage in minutes than a group of armed men could do in days. However, it's no longer limited to an individual hacker or a group of hi-tech kids who enjoy ruining privacy, stealing data and defaming an organization to prove their presence or take revenge. That is how cybercriminals would have been defined a few years back.
Hacking has gone to a whole new level: the magnitude has broadened, and hackers no longer do it for petty interests. Their targets are now bigger, for substantial financial gains. They are capable of breaking the backbone of any organization, even a country. These highly sophisticated tech groups are also on hire for carrying out targeted operations, and interestingly, they can get all the legal cover to avoid getting caught. Sometimes, they work independently offshore for their self-interest; sometimes they work for governments to malign and destabilize rival countries.
Even the birthplaces of tech and the most technologically advanced countries of the world find themselves bleeding at the hands of state-sponsored and non-state cyber actors. Nations are losing billions of dollars every year, but they are committed to spending more in order to fight the menace. Cybersecurity has become such a pressing issue today that a 360-degree cybersecurity policy and its proper implementation are the need of the hour for every country.
Pakistan is also facing cybersecurity threats, as highlighted by the EU DisinfoLab report and the Israeli spyware, Pegasus, which are some recent examples.
The Techiest, the Most Vulnerable
The cyber world has its own dynamics; the more powerful a nation is, the more prominent a target it becomes.
Although U.S. companies have been under attack for years, the following hacks can explain what challenges nations have before them.
In May, the U.S. had its first bitter taste when a hacking group named DarkSide breached the security of Colonial Pipeline, one of the largest U.S. oil pipelines, which supplies almost 45% of diesel, jet fuel, and gasoline to the East Coast. After the hackers demanded a ransom, the company had to shut down operations for several days, causing massive disruption in the U.S.
Growing attacks have made it one of the gravest matters to address for the U.S. Over these incidents, the U.S. and Russian presidents had a summit meeting in June this year. U.S. President Joe Biden demanded that his Russian counterpart should make efforts to end the stream of attacks, which the U.S. believes stem from Russia. President Putin leveled a similar accusation against the U.S. to dilute the impact.
In July 2021, a Russian group of hackers, REvil, infiltrated a U.S.-based tech security company, Kaseya, accessed and seized its customers’ data, and demanded a ransom of USD 70 million for its return – the most significant attack on record so far. The irony is that Kaseya serves thousands of small and mid-range clients worldwide and provides them security solutions to ensure they remain hack-proof. Due to high dependence on Kaseya’s cloud solutions, their clients – including dentists, superstores, schools and thousands of others – had to halt their business activity. The incident was so grave that the U.S. President had to step in to handle the situation through diplomatic channels in the countries where Kaseya’s clients mainly existed.
Before this attack, REvil had already grown into a much more sophisticated cyber organization when it hacked JBS, a leading meat producer in the U.S., and received USD 11 million in ransom.
REvil has spent hugely on its infrastructure since then and now offers its services to other clients who want to attack any organization or government. As compensation, they charge a handsome commission. Their well-established hotline and call center communicate with the victims for hassle-free ransom payment.
This is the story of just a few cybercriminals; hundreds and thousands are popping up every minute. Illegal but lucrative, the hacking business has become a massive industry in itself.
These cyber organizations on hire are cyber mercenaries who carry out targeted operations or launch a full-scale attack on a country’s sensitive installations, which can turn into a complete war-like situation.
A Few More Hacks
Taiwanese computer manufacturer Acer had to deal with REvil over a USD 50 million ransom when the hackers breached its security setup and stole everything valuable.
In February, Hyundai’s Kia Motors found itself in hot water when hackers froze its mobile UVO Link app and financial services and jammed all its operations in the U.S. They demanded USD 20 million for giving control of the data back to Kia Motors.
A German chemical distribution company, Brenntag, had to pay a negotiated ransom of USD 4.4 million to DarkSide to get back control of the data the hackers had seized. DarkSide initially demanded USD 7.5 million or 133.65 bitcoin.
Cyberattacks in Australia have caused more than USD 33 billion worth of losses in 2020-21.
Although the damage sounds like a colossal amount, hackers claimed that it is just the tip of the iceberg in 2021.
Several such incidents don’t get reported because organizations never like to get humiliated in public as they might lose their reputation, and instead, they usually deal with cybercriminals silently. This gives hackers more courage and reasons to come back again and claim more money whenever needed. Cyber analysts believe that the more money the criminals get, the more advanced technologies they buy to expand their extortion business.
The Cybersecurity Blame Game, A Digital Warfare Tool
China is well on its way to becoming an economic superpower, but the U.S. is loud and clear in using any possible tactic to block its way.
China faces spying and hacking charges, and based on them, the U.S. and its allies keep putting up hurdles for China's tech companies that are spreading at breakneck speed outside mainland China.
Once ranked at number two or three in the global smartphone market, Chinese giant Huawei faces the accusation of spying for its government through smartphones and telecom equipment. Consequently, the tech giant has lost considerable presence and market share in the smartphone market over the years. Similarly, next in line, Xiaomi and other global Chinese brands are finding themselves in a similar situation.
In September, Lithuanian cybersecurity experts recommended that their government ban Chinese smartphones due to the security risk.
Since tech companies are taking the lead worldwide, halting their business on the suspicion of hacking and spying appears to be a significant part of the U.S. policy that works day and night to counter China's dream project, the Belt and Road Initiative (BRI).
It's no hidden fact that Pakistan, China’s ally and an essential asset for BRI through the China-Pakistan Economic Corridor (CPEC) and several other projects including the countrywide fiber optic, remains on the radar of cyber mercenaries from India, the USA, and Israel.
Smartphones Are the Gateway to Hacking
Whatever you call a smartphone – a disruptive technology, a driver of change, or the future of everything – it is hacking-friendly.
The smartphones that we use today are a blend of hardware and software that come from multiple vendors. To make it simple, we can categorize it into four areas:
For the iPhone, Apple is the only entity responsible for the seamless functioning of its hardware and operating system, as both come from a single company. Apple has the parts manufactured by several third parties, but they all synchronize and abide by the rules Apple lays down for its products. Apple also vets the applications on its iPhones for cleanliness and security.
However, Forbes cites the founder of security firm Check Point, who believes that in the post-COVID-19 era, iPhones are just as vulnerable as Androids.
On the other hand, the Android ecosystem is more fragmented and brings together multiple vendors that don’t necessarily synchronize well. Therefore, phones are highly unreliable from the very beginning. Google’s Android, OxygenOS and HarmonyOS are all one part of this supply chain. Phones cannot run without applications, which number in the millions across different app stores. When an app is installed on a phone, it requires specific permissions to run correctly. An average app asks to access your contact list, camera, microphone, memory, etc. A typical smartphone user installs over two dozen apps on their phone for different personal and business needs. The fourth one is the mobile SIM provider who connects the phone through signals and towers.
Now, any one of them can, knowingly or unknowingly, act as an agent to a cybercriminal who can extract any data you possess on the phone, no matter how strong a password system is active on your device.
It can be a one-time hack, or it can act continuously while recording every moment of your life through your mobile’s camera, microphone, or whatever you type on the screen. The interesting thing is that you would never know what’s going on.
The fact is, at any point in time, your phone is never in your control.
The NSO Group, an Israeli security organization, has the latest version of Pegasus that doesn’t require a user’s acceptance or even knowledge to hack a phone. Unlike the earlier versions where a user needed to tap on a link, the latest version is quiet and independent.
On the face of it, Pegasus provides hacking solutions to governments for combating terrorist activities by locating and tracking bad guys through their phones. In reality, it’s no different than REvil.
Post-COVID Era is More Dangerous
Things were not as dangerous before COVID-19 hit the world as they are now for the end users, including corporations and governments.
The work-from-home policy is still a nascent idea, and with everything mobile and remote, we are not yet ready for it. People work from remote workstations and connect to their respective company’s servers using their insecure networks and devices, making things harder for IT managers who cannot ensure a foolproof system. This has broadened the attack surface for hackers, causing a spike in the number of attacks in 2021.
In the USA, the hacker entered the systems of Colonial Pipeline through a single leaked password of a VPN the IT people believed was redundant.
Networks in Pakistan are wide open, and there is no security culture in practice that can counter today's cyber challenges.
India ranks at number 10 on the GCI because IT culture has become a norm there.
Nations are working hard to meet the cybersecurity challenges of this new era. Some of them have opted to provide government officials with selected smartphones that are secure and hackproof.
How to Keep Pakistan Safe
Security systems are never foolproof unless humans make them so. No firewall can protect a system, a device or anyone unless the human factor plays its role. Cybersecurity is not a matter of pressing a button to activate a specific protocol. It's a culture that must become a part of our lifestyle, whether as citizens, public servants, or members of the security forces.
For improving our present and future cybersecurity, a comprehensive cybersecurity policy must be a part of our rule book that all the stakeholders should endorse.
In addition to enforcing it at all levels, the government should segment it and make it a part of the school and college syllabus under the supervision of a competent authority. It will help educate our children, from the very beginning, about the dangers and consequences of not being secure.
At the same time, all public and private office bearers, including the lower and middle working class, should undergo cybersecurity training programs. Depending upon their level of influence and the nature of their work in society, authorities need to educate them on general security measures. It could include how to handle an obnoxious and fraudulent call, how to remain safe at an ATM, and how to make online transactions.
A competent authority should design courses on cybersecurity and the importance of data and conduct special training and exams for all office bearers in public and private organizations.
As mentioned earlier, smartphones are a gateway to the hacking world; government officials, where necessary, can tighten security by relying more on locally developed communication and messenger apps. Additionally, governments are considering using specially designed phones that are secure at the hardware level as well. The Government of Pakistan can work on a similar idea.
Besides, we can follow some basic guidelines to level up our security in this cyber world on a general level.
The author is a tech journalist and the founder of More Magazine, phoneyear.com, and outlookpakistan.com.