Winning A War Without Bullets
The modern world has drastically changed compared to its predecessors. In just the past fifty years, technology, innovation, and daily lifestyles have changed beyond comprehension. Just to think that the first smart phone was created in 1994, just under thirty years ago. As the world continues to evolve, and as international relations between global superpowers continue to grapple with one another, an unlikely ally and foe has risen up from the “golden digital age”: cyberattacks.
By definition, these malicious online attacks are created and distributed by a computer[s], targeting a digitalized system, another computer, an enterprise, or just simply another computer. These attacks can span from vicious brut-force methods to quiet, sedated implanted ransomware.
No matter where you search on the internet, what website you decide to venture into, or just even looking at your favorite singer’s discography, you are bound to find cybersecurity measures that defend individuals and companies from online data phishing, system destabilization, and weakened security infrastructure.
You would think that these online attacks were invented by individuals with plans of stealing bank information, routing digits, and social security numbers, but countries were the first ones to utilize this unforgiving method of pursuing conflict.
The first major known instance of a cyberattack was between India and Pakistan, with China playing a third-party role. They were engaged in a conflict over Kashmir since the twentieth-century, and it had recently moved into cyberspace.
the first computer worm
Although that was the first major attack, the first one ever was done by Robert Tappan Morris, who created the first “computer worm”. As a Cornell University graduate, he had a lot of free time, and during that free time, Morris loved to program and code. Understandably coming up with innovative ideas to invent and process, Morris decided he wanted to create a program that would then assess the size of the internet. This program would be scattered across the internet, install itself upon other people’s computers, then count the amount of copies that it manifested.
During his testing and implementation of the worm Morris ran into a few troubles. In total, the worm buried itself into only approximately 6,000 computers and caused around $201,000 to $2,000,000 in damages for reparation. Morris was then charged with violating the Computer Fraud and Abuse Act; his overall sentence included fines, three years of probation, and community service.
The U.S. has recently accepted that cyberattacks are now directly associated with terrorism, meaning that if you commit an attack online, then you are to be considered a terrorist.
On May of 2021, Colonial Pipeline, an American oil pipeline system that originated in Houston, Texas was attacked by affiliates of a Russian-linked cybercrime group known as DarkSide. The oil pipeline company provided roughly 45% of the American east coast with fuel, including gasoline, diesel, jet fuel, and military supplies.
The entry point of the ransomware attack has conflicting points, it could’ve been a phishing email that got to an employee that worked there, or the use of credentials purchased off an employee or through a cracker system.
It is very important to understand that the attack focused on the business side of Colonial Pipeline rather than the systematic side, meaning that the entire attack was money-oriented; the cyber criminals had no intent to break down the entire system, even though it could have easily been done. Even though the systems were not targeted, Colonial Pipeline had to close many of its major pipeline operations, which have disturbed the lives of thousands of Americans.
As this attack hit, since the company is one of the largest of its kind, these supply shortage concerns increased demand of gas dramatically, driving gasoline futures to the highest point they’ve ever been at in the past three years.
Nowadays, these attacks have to be taken very seriously since they affect the very integrity and lifestyle of this nation. Many large agencies were involved, including the FBI, the CISA, and the FMCSA.
On May 13th, after the events were settled and mostly everything systematically returned to normal, Bloomberg reported that Colonial Pipeline gave approximately $5 million in ransom to DarkSide, a huge sum of money for an attack that could’ve been initiated hundreds of miles away.
Following that, President Biden signed an executive order bolstering American cybersecurity, and truly looking at cyberattacks as a threat to our society.
What lessons should be taken from this horrific attack? Firstly, we must understand that America (its pipes, railways, and just overall way of living) is fundamentally flawed. Take for example the large snowstorm that swept by Texas and the middle of the U.S. a few months prior. That natural disaster exposed how many parts of American depend entirely on an outdated system, and how no changes are being implemented to prevent something like that to ever happen again. People died from the cold during those times, and we must treat this problem with as much intensity as we treat other important ones.
Secondly, since cyberattacks are to be taken more seriously now, as a terrorist threat, cybersecurity must thoroughly be improved. Many of these attackers have high intel of what goes on, and if they can possible affect half of the entire nation by just taking down one company, it will surely be terrifying to learn what more they accomplish online.
There are few things that we can do to improve the situation. As a nation, we must unite and prevent anything like what happened to Colonial Pipeline from ever occurring. In the meantime, you should be at your upmost attention regarding internet security and threats. Do not fall for easy scams or phishes, and if you are wondering if anything that is sent to you is actually official, please contact the actual senders of that email or file. Lock your passwords, and make sure that they are complicated and not easy to guess.
Please take care of yourself online, because you never know, you might be the next one to be attacked online.