Russia Invades Ukraine: Hacking and Cyber-warfare

“May you live in interesting times!” according to my abbreviated personal history we are indeed living in interesting times. However, this ancient Chinese curse would appear to apply across the globe and even to encompass China itself, and hacking plays a larger part than we may imagine.

I cannot wrap my brain around an outcome to our current global state of affairs that leaves any country in a winning position. I think we are all going to suffer some consequences. None of us as much as the Ukrainians perhaps, but some consequences all the same.
 

A current case study

Putting the macro economic outcomes aside for a moment, what do we know about hacking and cyber-warfare?

I subscribe to a number of financial newsletters and podcasts. The authors of these letters and podcasts offer some very interesting insights. All these authors are pragmatists, politically agnostic, simply asking “What does this mean to me on a financial level?” To that end, the information they provide is focused, concise and illuminating. There is no color to the lens, just clarity.

According to Rodney Johnson of the ‘Rodney Johnson Report‘, with regard to the war in Ukraine, there has been moderate activity on the state organization hacking front, some originating in the Ukraine aimed at Russian targets, some originating in Russia aimed at Ukrainian targets. However, most of the activity has come from Hacktivists and Independent hacking groups rather than state or state sponsored organizations. Although state and state sponsored cyber attacks are a concern, it may be the Independent groups that are more of a problem. Indeed, the ‘Cyber-warfare’ in this case seems to have been very limited, and that may well be due to a misunderstanding about the technicalities of hacking and the technicalities of conventional warfare.
 

Hacktivists target Russia, Ukraine and Japan

Cyber Crime Graphic. HackingThe hacker community “Anonymous” shut down the Russian international news site RT, and then went on to disable a number of Kremlin web sites. The attacks were unsophisticated DDoS, Distributed Denial of Service attacks using a mass of sending servers to drown the target sites with massive inbound traffic. These were down and dirty, speedily mounted attacks, not doubt a prequel for what is to come.

Another group targeted Kojima Industries in Japan, after Japan pledged support for the Ukraine. This parts manufacturer subsequently failed to deliver it’s product to Toyota, leading to a single day of suspended production of 13,000 vehicles. What is stunning, is how quickly this all escalated from an issue involving two European countries at war, to the targeting of a business in Japan. This wasn’t collateral damage. This was the outcome of upset at the stand a country took to this conflict. This is akin to someone burning down your house because you cheered for a team they didn’t like. This one incident should be of great concern to us all. In a time of stretched supply chains and rising inflation, hackers targeting manufacturers bodes ill for the future.
 

A worrying hacking trend

Late last year hackers targeted a Brazilian meat producer, ‘JBA SA’. ‘JBA SA’ accounts for roughly 23% of the US maximum capacity for beef production and about 20% of pork capacity. In the same month hackers also targeted New Cooperative & Crystal Valley Cooperative, both agricultural services companies. Following the attack, New Cooperative announced that 40% of the nation’s grain production runs though it’s software. Look at those numbers again. Those are not trivial amounts of produce. This by the way is a trend that started in 2020 and is growing. It brings a new meaning to the phrase “Food for thought.”
 

A paradigm shift in our thinking about hacking

The fatal mistake at this point is to think, “We don’t produce any of those commodities and we are not big enough to be a target.”

We need to look at this and think, “Holy cow! When are we going to get hacked?” We have to start thinking When and not if. To that end we need to change our practice. We cannot afford to be lower our defenses, but we must prepare for disaster.

A smart man once said, “The problem is that you guys all plan for success… I plan for failure…. I plan for everything to go wrong.” That is how we need to start thinking right now, because trying to plan your way out of a fight while you are in the fight is nigh on impossible. We need to be ready to respond to a breach appropriately, confidently and in a timely and ordered manner. We need to prepare and the time to prepare is now!

If you would like to talk about this please feel free to contact us at info@deltaplusit.com