5-6 line responses for the articles
Article 1:
Acts of cyberterrorism differ from acts of hacktivism in that their intentions or consequences involve more severe, permanent damage. This can include loss of life or economic collateral. Most of our sources suggest that cyberterrorism is not justifiable by freedom of speech.
Barry C. Collin of the Institute for Security and Intelligence describes the following hypothetical acts of cyberterrorism. While unlikely, each example illustrates the ways in which cyberterrorism goes beyond the boundaries of hacktivism.
“A CyberTerrorist will remotely access the processing control systems of a cereal manufacturer, change the levels of iron supplement, and sicken and kill the children of a nation enjoying their food.”
“A CyberTerrorist will attack the next generation of air traffic control systems, and collide two large civilian aircraft. …Much of the same can be done to the rail lines.”
“A CyberTerrorist will remotely alter the formulas of medication at pharmaceutical manufacturers.”
Mark Pollitt argues that cyberterrorist acts such as the ones above would be highly improbable because of the level of human involvement in each example: “Computers do not, at present, control sufficient physical processes, without human intervention, to pose a significant risk of terrorism in the classic sense.” In the case of the cereal factory, for instance, Pollitt points out that the rapid depletion of the factory’s iron supplies, as well as the change in taste of the cereal, would be immediately noticeable to the people working there.
Nonetheless, some acts of cyberterrorism are successful, as is demonstrated by the examples of Anonymous and Stuxnet. Cyberterrorists indeed pose a threat to national security. It is therefore important for software systems performing critical tasks or guarding critical data to be thoroughly tested and made as close to impenetrable as possible.
Article 2:
Ransomware apocalypse, brought to you by the NSA
In May 2017, a global cyberattack called WannaCry infected more than 230,000 computers across 150 countries. The ransomware locked down all the files on an infected computer, at which point the hackers demanded $300 in Bitcoin payments to release control of the files. This hard-drive-encrypting malware spread rapidly because the group behind it had combined normal malware with EternalBlue, a leaked NSA hacking tool that gave WannaCry worm-like capabilities to self-propagate on vulnerable Windows systems. Initially, there was speculation that WannaCry was spread through an email spam campaign, but it was later deduced that the attack did not require user interaction at all.
The ransom note told victims that their files were encrypted, that their documents, photos, videos and databases were ‘no longer accessible’, and that ‘nobody can recover your files without our decryption service’.
Using EternalBlue and another leaked exploit, DoublePulsar, the worm looked for vulnerable public-facing SMB ports to which it could establish a connection. Once these were located, the leaked SMB (Server Message Block) exploits were harnessed not only to deploy WannaCry on that particular system, but also to spread it to all other vulnerable machines on the connected network. Nefarious packets were sent to vulnerable machines in an undetected form, which was a serious limitation in the older versions of Microsoft XP, 8 and 2003 operating systems. In essence, even just one open, vulnerable SMB port could lead to a whole network being infected by the ransomware.
Among the victims were FedEx, the French carmaker Renault and the Russian Interior Ministry. The most impacted agency was Britain’s National Health Service, where the effect was particularly devastating: ambulances were diverted, patient records were inaccessible, surgical procedures were canceled and telephone calls could not be received. In Romania, the carmaker Dacia, owned by Renault, sent home some employees at a large factory complex in the city of Mioveni because the attack had disrupted its systems. Bayer, the manufacturer of the health instruments, said it received reports of infections on two of its radiology machines at different facilities. Nissan, the Japanese auto giant, said its manufacturing center in Sunderland in the north of England had been affected. Of all these, the National Health Service may be one of the largest institutions affected worldwide. It said that 45 of its hospitals, doctors’ offices and ambulance companies had been crippled, and some hospital operations shut down as government officials struggled to respond to the attack.
In the midst of all of this, Marcus Hutchins, then a 22-year-old British security researcher, stumbled upon a “kill switch” in the WannaCry code and slammed the brakes on a global crisis.
This high-profile incident could have been easily avoided if huge organizations had kept their security systems and firewalls updated. Microsoft had released a security patch against EternalBlue two months before the attack, but most organizations hadn’t applied it, which shows the abysmal state of security patching at huge corporations.
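The point that one open, vulnerable SMB port can expose a whole network, and that patching closes it, can be checked against an asset inventory. The following is an added example, not part of the original articles; the host names, inventory fields and the simplified model (a patched host is neither affected nor a relay) are assumptions made for illustration.

```python
from collections import deque

# Constructed inventory (not real hosts): name -> attributes.
# smb_public: SMB reachable from the internet; patched: SMB fix applied;
# smb_peers: internal hosts this machine can reach over SMB.
INVENTORY = {
    "web-gw":  {"smb_public": True,  "patched": False, "smb_peers": ["file-01", "hr-pc"]},
    "file-01": {"smb_public": False, "patched": False, "smb_peers": ["hr-pc", "lab-xp", "db-01"]},
    "hr-pc":   {"smb_public": False, "patched": True,  "smb_peers": ["file-01"]},
    "lab-xp":  {"smb_public": False, "patched": False, "smb_peers": ["file-01"]},
    "db-01":   {"smb_public": False, "patched": True,  "smb_peers": ["lab-xp"]},
    "kiosk":   {"smb_public": True,  "patched": True,  "smb_peers": ["file-01"]},
}

def entry_points(inv):
    """Hosts that are both internet-reachable on SMB and unpatched."""
    return sorted(h for h, a in inv.items() if a["smb_public"] and not a["patched"])

def blast_radius(inv):
    """Unpatched hosts reachable over SMB from any entry point (breadth-first)."""
    seen = set(entry_points(inv))
    queue = deque(seen)
    while queue:
        host = queue.popleft()
        for peer in inv[host]["smb_peers"]:
            # Assumption: a patched peer is not affected and does not relay.
            if peer in inv and not inv[peer]["patched"] and peer not in seen:
                seen.add(peer)
                queue.append(peer)
    return sorted(seen)

def with_patched(inv, hosts):
    """Copy of the inventory with the given hosts marked as patched."""
    return {h: {**a, "patched": a["patched"] or h in hosts} for h, a in inv.items()}

if __name__ == "__main__":
    print("entry points:", entry_points(INVENTORY))
    print("exposed set :", blast_radius(INVENTORY))
    print("after patching web-gw:", blast_radius(with_patched(INVENTORY, {"web-gw"})))
```

An empty result after patching the single entry point only means nothing is reachable from the internet in this model; `file-01` and `lab-xp` are still unpatched and remain exposed to any other route into the network.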