12 February 2024

Former Green Beret: “We Are in the Year 2024, and We Are in Full-Blown Cyber Warfare”

Eddie Wrenn

“We are in the year 2024, and we’re in full-blown cyber warfare.”

This is the view of former Green Beret turned cybersecurity expert Greg Hatcher, who this week sat down with Techopedia to explore the security landscape and warned that governments do not have the resources to fight threats against their nations.

His warning comes as the US Justice Department announced last week it had stopped a China-sponsored attack that saw hundreds of US routers infected with malware.

Key Takeaways

Greg Hatcher, former Green Beret and cybersecurity expert, warns that we are in full-blown cyber warfare in 2024.
Hatcher emphasizes China, Russia, and North Korea as major threats to the US cyberattack surface.
FBI Director warns that “China hackers outnumber FBI cyber personnel 50-1.”
The Justice Department recently intercepted a China-sponsored attack targeting US civilian routers, highlighting ongoing cyber threats.

Only last week, FBI Director Christopher A. Wray told a House hearing on Chinese cybersecurity threats that China “…has a bigger hacking program than that of every major nation combined.

“In fact, if you took every single one of the FBI’s cyber agents and intelligence analysts and focused them exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to one.”

Hatcher, who has taught at the National Security Agency (NSA) and led red teams while contracting for the federal Cybersecurity and Infrastructure Security Agency, concurred, saying:

“China takes [cyber crime] very, very seriously, whereas America is lagging behind a little bit. I think there needs to be much more massive investment in offensive cyber operations in this country.

“China, Russia, and North Korea are the three biggest threats to the United States government’s cyberattack surface.

“We are in the year 2024, and we’re in full-blown cyber warfare.”

He added that there was not enough collaboration between government and private sectors:

“There also needs to be a partnership between government and industry to work together to shore up our cyber defenses.

“The threat is overwhelming, and if the government is over here doing its own thing and the private sector is over there doing its own thing, I think that we are doomed to fail because the government just doesn’t have the resources to fight this fight.

“In addition, federal employees who work in cyber operations can leave government work and go to the private sector, and oftentimes, they receive double their salaries.

“So the US government’s role is to keep those people actually defending the country as opposed to [moving to] the private sector.”

Routers Infected with Malware

There are cyber attacks against countries on any given day. The US faced two attacks — against a hospital and against a water supply — last Thanksgiving.

And only last week, the Justice Department announced it had intercepted a botnet of hundreds of US-based routers hijacked by People’s Republic of China (PRC) state-sponsored hackers.

According to the Justice Department, hackers infected routers with the “KV Botnet” malware, designed to conceal the Chinese origin of further hacking activities.

The vast majority of routers were Cisco and NetGear routers, used primarily for home offices or small offices, which were vulnerable because they had reached “end of life” status and were no longer supported through security patches or other software updates.

The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet.

Attorney General Merrick B. Garland said: “The Justice Department has disrupted a PRC-backed hacking group that attempted to target America’s critical infrastructure utilizing a botnet.

“The United States will continue to dismantle malicious cyber operations – including those sponsored by foreign governments – that undermine the security of the American people.”

A Cyberwar on Two Fronts

Hatcher has taught guerilla urban warfare to the following groups: Kurdish Peshmerga in Iraq; Kurdish YPG (People’s Protection Units) and Kurdish YPJ (Women’s Protection Units) in Syria; and the Afghan Local Police and Afghan National Police in Afghanistan.

Speaking of cyber warfare in the context of traditional warfare, he said: “It’s never been more apparent how important cybersecurity is in modern military operations. I think more so over the last two years than ever before in history, especially on October 7, 2023, when Hamas attacked Israel with rockets.

“Within an hour of the rocket attacks, Hamas launched a distributed denial-of-service attack on the Iron Dome [Israel’s missile defense system]. The attack was aimed at disrupting the Iron Dome’s operations and rendering it ineffective in protecting Israel from attacks.

“However, Hamas did the same thing in 2021. They floated a bunch of rockets into Israel – the Iron Dome can only stop a finite number of rockets at one time – and launched denial-of-service attacks on the Iron Dome to overwhelm its early warning system [and prevent it from operating at full capacity].

“So Hamas learned this two years ago, and then it exploited a vulnerability in the Iron Dome system that Israel had not addressed.”

Hatcher also spoke to Techopedia about cyber warfare in light of the Russia-Ukraine war, how businesses need to go on the offensive against malicious actors, and how polymorphic malware and artificial intelligence (AI) are two of the biggest threats today.
