Page 12 - The Indian EYE 030422
P. 12

OpINION                                                                MARCH 04, 2022  |     The Indian Eye 12



        and this took the form of website                                                                     the US does not have the luxury of
        defacements of government agen-                                                                       two oceans serving as natural bar-
        cies and the destruction of data us-                                                                  riers in cyberspace and will have to
        ing wiper software. Called Whisper-                                                                   take the cyberthreat seriously.
        Gate by Microsoft researchers, the                                                                        However, the US does have the
        malware bore resemblance to the                                                                       heft to deter more severe attacks
        NotPetya malware used in the 2017                                                                     by virtue of its own capabilities, and
        cyberattacks on Ukraine, but “with                                                                    to sanction and prosecute individu-
        added functionalities”.                                                                               als identified as perpetrators of less
            These additional functional-                                                                      severe attacks, as it has done, in a
        ities were added to overcome any                                                                      number of cases. This, though, does
        new protections that had been built                                                                   not seem to have had  much effect
        into systems following the earlier                                                                    on containing low-level cyberattacks
        attacks. According to CISCO secu-                                                                     and intrusions.
        rity researchers, the attackers were                                                                      Ironically enough, Russia has
        advanced persistent threat (APT)                                                                      been at the forefront of multilateral
        actors, probably present for months                                                                   processes at the United Nations to
        or years in these systems which they                                                                  secure cyberspace, including, spon-
        would have accessed through creden-                                                                   soring the resolution that led to the
        tials  obtained  through  spear-phish-                                                                establishment of the Open-Ended
        ing. Like the NotPetya malware,                                                                       Working Group (OEWG) on the
        WhisperGate also masquerades as                                                                       security of and in the use of infor-
        ransomware,  with  a  fake  ransom   Like the NotPetya malware, WhisperGate also masquerades as ransomware, with a fake   mation and communications tech-
        note warning that the user’s hard   ransom note warning that the user’s hard drive had been corrupted and would be restored only   nologies in 2018, further renewed till
        drive had been corrupted and would                    on payment of uS$ 10,000 via bitcoin            2025. The main agenda of this group
        be restored only on payment of US$                                                                    is to “further develop the rules,
        10,000 via bitcoin.                                                                                   norms and principles of responsible
            Depending on whether the crisis                                                                   behavior of States”. The events of
        escalates or tapers down, this is only                                                                the past month show that this will be
        the  first  salvo  in  a  scenario  where                                                             a long time coming. It would not be
        subsequent attacks could be carried                                                                   out of place here to mention that like
        out on critical services such as elec-                                                                the Petya malware of 2016, and the
        tricity,  transportation,  finance,  and                                                              NotPetya and WannaCry malware at-
        telecommunications. The North At-                                                                     tacks in May 2017, WhisperGate also
        lantic Treaty Organization (NATO),                                                                    contains traces of the EternalBlue
        the security treaty organization at the                                                               exploit which was obtained by hack-
        center  of  Russia’s  disenchantment                                                                  ers from the US NSA’s cyber toolkits.
        with Ukraine, signed an agreement                                                                         The fact of the matter is that
        in  January  to  deepen  technical  and                                                               while countries are publicly profess-
        military cyber cooperation, “includ-                                                                  ing the goal of stable cyberspace,
        ing Ukrainian access to NATO’s mal-                                                                   there is frenetic activity going on be-
        ware information sharing platform”.                                                                   hind-the-scenes to ramp up offensive
        Ukraine was subjected to more than                                                                    capabilities, the severity of which can
        2,88,000  cyberattacks  in  the  first  10                                                            be adjusted according to need. The
        months of 2021.                                                                                       fact  that  the  issue  of  cyberattacks
            While  almost  all  countries  are                                                                continues to be in a grey zone from
        subjected to cyberattacks, these are   unlike the attacks of 2017 which spread havoc worldwide, the perpetrators this time around   the perspectives of the perpetrator,
        of a completely different magnitude       have learnt from 2017 and ensured that they remain localized to ukraine   the victim, and the bystander em-
        comprising both attacks on critical                                                                   boldens the former to continue with
        infrastructure as well as disinforma-                                                                 these attacks unabated. The sooner
        tion campaigns designed to reduce   security  posture  and  protect their   trators this time around have learnt   one faces up to the changing realities
        the trust of the general population in   critical assets.   Organizations were   from  2017  and  ensured  that  they   and adjusts policies and capabilities
        these systems and the government.  also urged to lower their thresholds   remain localized to Ukraine. Cy-  accordingly, the better it would be.
            With the US and European      for reporting suspicious cyber activ-  bersecurity  providers  and  software
        countries  threatening  sanctions  ity to government agencies in subse-  companies are also seemingly ahead   Cherian Samuel is Research Fellow at
        against  Russia,  there  is  a  justified   quent advisories. The White House,   of the problem and putting out advi-  Manohar Parrikar Institute for Defense
        concern that these attacks would be   while downplaying the possibility of   sories and issuing patches at a faster   Studies and Analyses, New Delhi.
        directed against those countries as   imminent cyber strikes on the US,   rate. Cyberattacks in this conflict, in   Views expressed are of the author and
        well. Many countries, including Po-  said: “We have a range of tools at our   a sense, has become normalized in   do not necessarily reflect the views of
        land, Lithuania, the UK, and the US   disposal to use and react–in reaction,   that they are more focused, there is   the Manohar Parrikar IDSA or of the
        have issued advisories. A detailed ad-  and the President reserves the right   no lasting damage, and it only serves   Government of India.
        visory jointly brought out by the Cy-  to do that”. In a similar vein, the   to convey a sense of impotence and
        bersecurity and Infrastructure Secu-  UK  also  warned  Russia  that  it  was   helplessness to the affected govern-  This is the abridged version of the
        rity Agency (CISA), Federal Bureau   prepared to make retaliatory cyber-  ment and population. At the same   article which appeared first in the
        of Investigation (FBI), and National   attacks if British computer networks   time, it also signals to other govern-  Comment section of the website (www.
        Security Agency (NSA) on 11 Janu-  were threatened.                 ments that they are also not imper-  idsa.in) of Manohar Parrikar Institute
        ary detailed the steps various organi-  Unlike the attacks of 2017 which   vious to such attacks. As noted by a   for Defense Studies and Analyses, New
        zations could take to heighten their   spread havoc worldwide, the perpe-  senior American politician recently,   Delhi on February 23, 2022


                                                               www.TheIndianEYE.com
   7   8   9   10   11   12   13   14   15   16   17