Page 12 - The Indian EYE 030422
P. 12
OpINION MARCH 04, 2022 | The Indian Eye 12
and this took the form of website the US does not have the luxury of
defacements of government agen- two oceans serving as natural bar-
cies and the destruction of data us- riers in cyberspace and will have to
ing wiper software. Called Whisper- take the cyberthreat seriously.
Gate by Microsoft researchers, the However, the US does have the
malware bore resemblance to the heft to deter more severe attacks
NotPetya malware used in the 2017 by virtue of its own capabilities, and
cyberattacks on Ukraine, but “with to sanction and prosecute individu-
added functionalities”. als identified as perpetrators of less
These additional functional- severe attacks, as it has done, in a
ities were added to overcome any number of cases. This, though, does
new protections that had been built not seem to have had much effect
into systems following the earlier on containing low-level cyberattacks
attacks. According to CISCO secu- and intrusions.
rity researchers, the attackers were Ironically enough, Russia has
advanced persistent threat (APT) been at the forefront of multilateral
actors, probably present for months processes at the United Nations to
or years in these systems which they secure cyberspace, including, spon-
would have accessed through creden- soring the resolution that led to the
tials obtained through spear-phish- establishment of the Open-Ended
ing. Like the NotPetya malware, Working Group (OEWG) on the
WhisperGate also masquerades as security of and in the use of infor-
ransomware, with a fake ransom Like the NotPetya malware, WhisperGate also masquerades as ransomware, with a fake mation and communications tech-
note warning that the user’s hard ransom note warning that the user’s hard drive had been corrupted and would be restored only nologies in 2018, further renewed till
drive had been corrupted and would on payment of uS$ 10,000 via bitcoin 2025. The main agenda of this group
be restored only on payment of US$ is to “further develop the rules,
10,000 via bitcoin. norms and principles of responsible
Depending on whether the crisis behavior of States”. The events of
escalates or tapers down, this is only the past month show that this will be
the first salvo in a scenario where a long time coming. It would not be
subsequent attacks could be carried out of place here to mention that like
out on critical services such as elec- the Petya malware of 2016, and the
tricity, transportation, finance, and NotPetya and WannaCry malware at-
telecommunications. The North At- tacks in May 2017, WhisperGate also
lantic Treaty Organization (NATO), contains traces of the EternalBlue
the security treaty organization at the exploit which was obtained by hack-
center of Russia’s disenchantment ers from the US NSA’s cyber toolkits.
with Ukraine, signed an agreement The fact of the matter is that
in January to deepen technical and while countries are publicly profess-
military cyber cooperation, “includ- ing the goal of stable cyberspace,
ing Ukrainian access to NATO’s mal- there is frenetic activity going on be-
ware information sharing platform”. hind-the-scenes to ramp up offensive
Ukraine was subjected to more than capabilities, the severity of which can
2,88,000 cyberattacks in the first 10 be adjusted according to need. The
months of 2021. fact that the issue of cyberattacks
While almost all countries are continues to be in a grey zone from
subjected to cyberattacks, these are unlike the attacks of 2017 which spread havoc worldwide, the perpetrators this time around the perspectives of the perpetrator,
of a completely different magnitude have learnt from 2017 and ensured that they remain localized to ukraine the victim, and the bystander em-
comprising both attacks on critical boldens the former to continue with
infrastructure as well as disinforma- these attacks unabated. The sooner
tion campaigns designed to reduce security posture and protect their trators this time around have learnt one faces up to the changing realities
the trust of the general population in critical assets. Organizations were from 2017 and ensured that they and adjusts policies and capabilities
these systems and the government. also urged to lower their thresholds remain localized to Ukraine. Cy- accordingly, the better it would be.
With the US and European for reporting suspicious cyber activ- bersecurity providers and software
countries threatening sanctions ity to government agencies in subse- companies are also seemingly ahead Cherian Samuel is Research Fellow at
against Russia, there is a justified quent advisories. The White House, of the problem and putting out advi- Manohar Parrikar Institute for Defense
concern that these attacks would be while downplaying the possibility of sories and issuing patches at a faster Studies and Analyses, New Delhi.
directed against those countries as imminent cyber strikes on the US, rate. Cyberattacks in this conflict, in Views expressed are of the author and
well. Many countries, including Po- said: “We have a range of tools at our a sense, has become normalized in do not necessarily reflect the views of
land, Lithuania, the UK, and the US disposal to use and react–in reaction, that they are more focused, there is the Manohar Parrikar IDSA or of the
have issued advisories. A detailed ad- and the President reserves the right no lasting damage, and it only serves Government of India.
visory jointly brought out by the Cy- to do that”. In a similar vein, the to convey a sense of impotence and
bersecurity and Infrastructure Secu- UK also warned Russia that it was helplessness to the affected govern- This is the abridged version of the
rity Agency (CISA), Federal Bureau prepared to make retaliatory cyber- ment and population. At the same article which appeared first in the
of Investigation (FBI), and National attacks if British computer networks time, it also signals to other govern- Comment section of the website (www.
Security Agency (NSA) on 11 Janu- were threatened. ments that they are also not imper- idsa.in) of Manohar Parrikar Institute
ary detailed the steps various organi- Unlike the attacks of 2017 which vious to such attacks. As noted by a for Defense Studies and Analyses, New
zations could take to heighten their spread havoc worldwide, the perpe- senior American politician recently, Delhi on February 23, 2022
www.TheIndianEYE.com