Over the last 1.5 weeks, I have had the honor of hosting 5 different podcasts. I have interviewed top-level executives from leading Cyber security firms located as far west as Silicon Valley, as far east as New Jersey, and even as far south as Louisiana. I ask the guests many questions about their company, products and services, and what their thoughts are for the Cyber security landscape in the coming years.
Their answer typically has been that Ransomware will continue, and will not just hit upon the IT Infrastructure of a business, but the Critical Infrastructure of major cities here in the United States will fall victim as well.
This point has been well illustrated by the recent Cyber attacks on the Port of San Diego. Just yesterday, officials from the city announced that they are investigating in depth an attack that just recently occurred. Because of this, some crucial city functionalities, such as processing park permits and other far-reaching requests, have been affected.
This Cyber attack on the Port of San Diego has been compared to the Ransomware attack on the City of Atlanta back in March. The Cyber attackers were able to shut down many public services, such as the people’s ability to pay traffic tickets and water bills. The hackers sought Bitcoin as the ransom payment and also totally cut out wireless communications at the Atlanta airport.
Even the San Diego Harbor Police Department has been affected by this Cyber-attack, and is currently using its backup systems to keep other public-related functionalities intact, with a strong emphasis upon safety-related systems, such as sirens, alert systems, and the 911 grid. The Port of San Diego is a vital economic hub for the state of California; just consider some of these stats:
* It has 569 employees;
* It oversees 34 miles of San Diego Bay waterfront property;
* The Port of San Diego spans five cities and houses 800 businesses, with tenants such as General Dynamics-NASSCO. This entity is the last major shipbuilder on the West Coast, and is currently building and repairing warships for the United States Navy.
Officials have been very silent as to the specific nature of the Cyber-attack, and so far, it seems that none of the businesses have been impacted, which is, of course, good news. Per Federal Law, this Cyber attack has also been reported to the California Office of Emergency Services and the County of San Diego Office of Emergency Services.
Law enforcement officials from all over are involved, including the FBI and possibly even the Department of Homeland Security. However, based upon the news stories I have researched on this, it appears that this could have been a Ransomware attack of various sorts. According to the FBI, about 4,000 computers per hour are infected on a daily basis.
The City of San Diego is familiar with Cyber-attacks, as they were once a victim back in 2016, when Cyber attackers flooded the city’s computers with malformed Data Packets in a Distributed Denial of Service (DDoS) attack.
It slowed down city computers to a crawl but did not affect critical services. The CIO for the city of San Diego even stated that its IT Infrastructure is hit by Cyber attacks 1,000,000 times per day. Many of these are extremely low-level threats, and are mostly launched by automated software packages.
My thoughts on this?
It is remarkable that nothing serious happened, just a disruption in a few services. But because of this, this kind of Cyber attack should not be ignored, and needs to be addressed ASAP. But given the huge complexity of the American IT Infrastructure, where does one even begin? It is like walking through a maze with no beginning and no end.
Probably the best way, in my opinion, would be to start extensive Penetration Level exercises on the IT Infrastructures of the largest cities in the United States, as these would be the first targets. Then from there, after the weaknesses and vulnerabilities have been discovered, their impacts upon critical public services should be examined, and patched up quickly.
In other words, a top-down approach should be used, in which the most critical public service functionalities are tested and repaired first, working all the way down to the least critical. But also keep in mind that it is not just the large cities that can fall victim; even the smallest of the small towns in the United States can also fall prey to a Cyber-attack.
So far, it seems to me that the Cyber attacker is taking a very measured approach in seeing how much damage and chaos can be done to the Critical Infrastructure of a large city. But time is ticking away very quickly. After 9/11, we were worried about airplanes crashing into buildings, and rightfully so. Now, not only do we still have to be concerned with that, but with the Cyber terrorism world as well.