Michael Riley and Jordan Robertson published an important piece for Bloomberg news titled:
UglyGorilla Hack of U.S. Utility Exposes Cyberwar Threat
This well researched piece provides context on the threat I believe all technologists should understand. In fact, it is so important, I think every citizen should read it and think about its implications.
A preview from the piece:
Somewhere in China, a man typed his user name, “ghost,” and password, “hijack,” and proceeded to rifle the computers of a utility in the Northeastern U.S.
He plucked schematics of its pipelines. He copied security-guard patrol memos. He sought access to systems that regulate the flow of natural gas. He cruised channels where keystrokes could cut off a city’s heat, or make a pipeline explode.
That didn’t appear to be his intention, and neither was economic espionage. While he was one of the Chinese officers the U.S. charged last month with infiltrating computers to steal corporate secrets, this raid was different. The hacker called UglyGorilla invaded the utility on what was probably a scouting mission, looking for information China could use to wage war.
UglyGorilla is one of many hackers the FBI has watched. Agents have recorded raids by other operatives in China and in Russia and Iran, all apparently looking for security weaknesses that could be employed to disrupt the delivery of water and electricity and impede other functions critical to the economy, according to former intelligence officials with knowledge of the investigation. The incursions spurred a debate in the Obama administration over whether and how to respond, and raised alarms among lawmakers briefed on the incidents.
Read more at: UglyGorilla Hack of U.S. Utility Exposes Cyberwar Threat
I’m reminded this is a perfect example of something Matt Devost has been talking about for years including at the first FedCyber Summit (http://www.fedcyber.com). For additional context, check out this blog post discussing attacks against critical infrastructure:
That is totally spot-on, don’t you think?
We track these and many related issues in our CyberWar site.
For more on these topics see the CTOvision Guide to National Security Technology and
- Rare Joint Announcement by The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) Should Be Read By All - September 24, 2020
- Great AI Startups Needed In The Defense and IC Ecosystem: Join DIMF TechTalk 5 Nov 2020 - September 16, 2020
- The AFCEA Intelligence Committee Webinar Series Explores the Intelligence and Security Issues Facing the Nation - September 11, 2020