As for whether that state sponsor was Russia, “It’s difficult to imagine anyone else would want to do this,” Boyarchuk says.
Boyarchuk points to the timing of the attack, just before Ukraine’s Constitution Day, which celebrates the country’s post-Soviet independence…
More technical clues support that theory, some Ukrainian security researchers say. Kiev-based Information Systems Security Partners, which has acted as a first responder for several recent waves of cyberattacks on Ukrainian companies and government agencies, says it has found evidence that sophisticated hackers quietly infiltrated the networks of at least some Ukrainian targets two to three months before they triggered the ransomware that paralyzed those organizations. (source)
Security specialist Matthieu Suiche said in a blog post that it wasn’t a “ransomware” attack intended to make money, and is instead a “wiper” sent to eradicate data.
The fact of pretending to be a ransomware while being in fact a nation state attack — especially since WannaCry proved that widely spread ransomware aren’t financially profitable — is in our opinion a very subtle way from the attacker to control the narrative of the attack. (source)
Forensic analyst Oleksii Yasinsky told Wired that the intent was not money, even though this presented as a ransomware attack.
Rather than just encrypting infected hard drives and demanding $300 in Bitcoin for the decryption key, in some cases it simply wiped machines on the same network, deleting a victim computer’s deep-seated master boot record, which tells it how to load its operating system. Yasinsky argues that this behavior indicates the attackers weren’t, in fact, trying to extort payments from those victims but instead wanted to cause maximum disruption. (source)
They wanted to cause maximum disruption. Now, isn’t that just about the scariest thought ever?
What if the US was hit by a similar cyberattack?
Let’s go a little further down this rabbit hole and imagine such an attack happening in the United States. Because, really, is it that far-fetched? In fact, is it possible that this is a dry run for a massive attack on the American infrastructure? Maybe they want to see what happens when they take down the essential systems of a modern country on a smaller scale first, in order to maximize the effects on a larger target.
Scary, but possible.
Everything we do revolves around computers these days.
Businesses keep their records there. Systems are automated there. It goes on and on.
You know how I’m always encouraging you to watch survival movies and read survival fiction to enhance your prepared mindset? Let’s use this real life scenario and wargame the situation based on the systems that were damaged in Ukraine and think this through.
Banking would be disrupted.
Many banks in Ukraine were hit by the attack, which means that people suddenly had no access to their money. Their credit and debit cards wouldn’t work and the ATMs were down.
In the United States, most folks use credit or debit as they go throughout their days. Gas pumps are set up to pay at the pump with your bank card. We think nothing of swiping our card at the grocery store or at lunch. We know we have money in there, and it’s less risky than carrying cash, in most folks’ minds.
But what if suddenly you couldn’t use your credit cards and debit cards? What if the ATM machines went dark and you couldn’t get any cash from them?
Imagine this happened when you were traveling on business, miles from home with a half empty gas tank. You wouldn’t be able to get a hotel room, get more fuel, get food – nothing at all unless you had cash on hand – and even if you DID have enough cash, there’d be other problems as you’ll see below.
You should always have enough cash and supplies on hand to manage for quite a while if commerce were to cease.
Gas stations would close.
In Ukraine, getting fuel was difficult.
Of course, it makes sense that getting gasoline would be pretty tricky. Most gas stations are set up as pay-at-the-pump, and if you have cash, you have to go inside, pay, and they reset the pump to allow you the allotted amount of fuel…on a computer.
As well, the gas pumps themselves are digital in just about every place I’ve been in the past few years. Unless you manage to find some anomaly of a gas station where everything is still manual, the fuel you had would be all you’d have until things reverted to normal.
Business would be disrupted.
In Ukraine, the banks are offline, which means payment systems are also offline.
Most businesses link to banks to be able to take payments by debit or credit. Most people no longer carry around pockets full of cash, and even if they did, some businesses aren’t entirely equipped to take cash payments.
When I worked at a car dealership service department, half a lifetime ago, I recall getting the day off because we were utterly at a standstill when our systems went down. The technicians couldn’t do any kind of electronic repair (and let’s face it, these days, there’s a computer in your car controlling just about every aspect of its function), the advisers couldn’t invoice, no one could check to see if a job was covered under warranty…I’m sure that many other businesses are equally dependent.
Most retail businesses rely on the ability to scan items for the price and to track SKU numbers for inventory purposes. Their cash registers are inextricably linked to computers for payment, pricing, and inventory. Commerce could grind immediately to a halt, which means what you have on hand would be all you had until things were resolved. You could forget about getting goods or services.
With the banking systems inoperable, other systems would soon go down too.
Think about our day-to-day business. Most of us have things on autopay, like our mortgages, car payments, and other monthly recurring bills.
If the banking systems are completely shut down, then our automatic payments would also cease to work. This means that the businesses relying on those payments would immediately have a shortfall, something that could have long-term ramifications if the issue lasted for more than a few days. Once things came back online, there would be massive confusion and congestion as people tried to straighten out payments that didn’t go through.
Chaos.
Transportation could shut down.
In Ukraine, both the major airport in the capital and the national railway system were shut down.
An attack like this could hit travelers the hardest. Imagine being at an airport to catch a connecting flight, and then discovering all flights had been canceled. If the computer systems were all down, you wouldn’t be able to rent a car to drive the rest of the way, and you wouldn’t be able to get a hotel room without cash, and you wouldn’t be able to buy any food unless you had cash on hand for that.
Commuters who rely on transit like trains to get back and forth to work would be stranded, and without ATM access, most would be without any options. This is why you must always have a Plan B to get home when you’re traveling, along with the appropriate gear and footwear to walk if necessary.
The grid would fail.
In Ukraine, the power grid went down across a broad swath of the country.
In an event like this, it isn’t out of the ordinary for the power to go out. Our grid is extremely susceptible to a malware attack and something called “cascading failure.”
…malware can induce what’s often referred to as a cascading failure. This is what caused the massive blackout that occurred in the Northeastern US and Canada back in 2003. An overgrown tree branch in Ohio touched a power line, which caused that section of the grid to overload and shut down. The electricity had to be transferred to other power lines, which in turn also became overloaded. This chain reaction continued until 55 million people were without power. (source)
This can begin to have broad ramifications very quickly:
Most homes are reliant on the grid for heat or cooling.
No lights.
No hot water.
Food in the refrigerator or freezer would begin to spoil.
All the basics of a long-term power outage would apply, multiplied by all of the other things going wrong at the same time. Always be ready for a two-week power outage at the bare minimum.
Water could become contaminated.
Without the systems that keep municipal water supplies treated and distributed, it wouldn’t take long for the water from the taps to become contaminated and unsafe to drink – if it still flowed at all. Buying water at the store would be difficult, if not impossible, for all the reasons mentioned above, and even if you could buy it, the supplies would run out very quickly as others realized the tap water was unsafe to consume.
Always be prepared with water storage, a plan to acquire more water, and a way to purify water.
Dangerous infrastructure systems could be at risk.
The Chernobyl nuclear plant lost its ability to monitor radiation with the usual computerized systems.
Because Chernobyl hasn’t already had enough issues. The plant is still not fully decommissioned after the horrible disaster in the 80s, and some people are still working there monitoring for radiation leaks. All systems have had to revert to manual ones due to the cyberattack.
The United States has 99 nuclear reactors in 30 states. 99 Chernobyls waiting to happen?
Hospitals could be affected.
In the US, two hospitals in Pennsylvania were forced to cancel surgeries due to the Petya cyberattack.
During a widespread attack in the United States, there is potential for our medical system to be severely affected. Without access to patient records, terrible mistakes could occur. Many patient monitoring systems are computerized. Some life support machinery is tied into the grid. And what happens if the grid-down situation outlasts the fuel for the generators?
In a situation like that, there wouldn’t be much medical help available for incidents that occur during the disaster. You must keep some first aid and longer-term care supplies on hand, as well as informational guides to help you deal with health issues and emergencies as they arise. Know how to back this up with natural remedies in the event the situation outlasts your commercial supplies.
With all of this, unrest would erupt fairly quickly.
If the situation only lasted for a few days, society certainly wouldn’t break down. But if it stretched into weeks and more people began running out of the basics, we’d begin to see unrest on a massive scale. Think about it – what wouldn’t YOU do to take care of your hungry children? Add to this the now-refugees stranded in airports and other travel centers across the country, with no supplies and no way to get home. It wouldn’t take long for the need to outstrip any governmental efforts to supply aid.
Long before such a thing ever occurs, you should protect yourself by keeping your mouth shut. No one needs to know that you’re stocked to the rafters and ready for a situation like this. Secondly, you need to be prepared to protect your home and family should things go sideways. Here’s an article I wrote about why preppers must be armed and ready for unrest.
Are you prepped for something like this?
Prepping is prepping is prepping.
This, like any other disaster, assumes certain things.
The grid could go down.
Emergency services and first responders may not be there.
What you have on hand is what you have with which to survive.
If you’re away from home, the trip back could be difficult.
Have you thought this through?
What are some other things that could be affected by a massive cyberattack on the US? How would you prepare for something like this? Share your thoughts in the comments section below.