INSIGHTS
Cyberattacks occur when computer
systems are manipulated to cause harm - including but not limited to
destruction, disruption, manipulation, theft, and unauthorized disclosure. Banks,
companies, government agencies, and individuals can all be targets. Cyberattacks aimed at critical urban
infrastructure are particularly challenging because they can affect everything
else including the basic services that all communities rely on - electricity,
water, transportation, food, healthcare, communications, and more.
A cyberattack on a hospital or an
electric utility (as opposed to, say, a retail store) has the potential to
create life or death situations. Sophisticated hackers can cause physical
damage to important equipment, not just to information systems, although these
are fairly rare. Critical urban infrastructure systems are particularly
vulnerable to cyberattack because they typically rely on a patchwork of
specialized and complex/hard to maintain technologies.
Who
are the Attackers in Urban Infrastructure?
Who are the attackers? Are national
governments attacking each other? You may wonder whether ransomware attacks are
undertaken mostly by individuals working on their own. It is true that many
attacks are initiated by individual criminals. On the other hand, while it may
not be nation-states or governments doing the actual attacking, they may be
providing financial support for criminal groups. According to MIT, nation-states are probably
behind many attacks. They don't think that most attackers are just rogue
groups or individuals. Understanding this is very important in trying to figure
out ways of eliminating ransomware attacks on critical urban infrastructure.
The attacker in the Urban Infrastructure is most commonly Nation-States, based
on the Research.
Why
do the Attackers go after Urban Infrastructure?
They try to disable the object of how
the civilization work, by causing chaos. They may not necessarily be looking
for money. Their objective may be causing a disturbance in the society, by
attacking this public system. Therefore, they go after urban infrastructure to disable
the working of the city. For e.g. “SamSam” is Iranian ransomware that
was prepared only for causing chaos and mess in Colorado city.
What do
we do once we get attacked?
Well if you are in the US, the first thing
you can do is call the FBI, but they can't fix it though, they will only help to
find the attackers and go after them. So, such urban infrastructure pays a huge amount
of money to the service companies who help them bring online after the attack,
help to prevent such attack in the future. For example, the city of Atlanta and
Baltimore were attacked and they ended up paying $20Million to the Professional
Service Companies to unblock the system blocked by the Attackers.
How
attackers and their Methods evolved over time?
Well, much of the attacks have
actually not changed entirely. But the scale of them has changed. If you look
back a little bit of time now to a big attack against cities in Texas, over 20
cities were attacked at once. They attacked the supplier, the supplier is in
all of these Texas cities, and the cities all got ransomwared at once, causing
a state of emergency in Texas, a great example of how you can take out a huge
swath of urban infrastructure at once.
You may wonder, have their methods gotten
more sophisticated? Well, not necessarily. Recently, many of these attacks have
been ransomware because it's easy to anonymize themselves using bitcoin, which is
an anonymous payment method, so that they're not necessarily traceable so that
if they attack the city, they don't actually get traced right back to the
attacker.
Hence to find out who are these attackers,
it difficult to find them. But they change over time, But the reason these
attacks are possible is due to the Urban Infrastructure. According to MIT, for
now, the people who are attacking are the Nation-States and so it is better to
be prepared.
0 Comments