War in Ukraine began years ago, cybersecurity expert says


The problem is so bad that cybersecurity insurance providers are losing money. In response, they're increasing premiums and raising the bar on what's considered best practices that clients must follow to be fully covered, Johnson said. — Reuters

SCHERERVILLE: Russia's war against Ukraine might seem to have begun just weeks ago, but that's not the whole story, cybersecurity expert Robert Johnson III said.

Johnson, president and CEO of Merrillville-based Cimcor, said Russia's attacks on Ukraine have been ongoing for years. Cimcor offers real-time cybersecurity monitoring and protection with clients including federal agencies and large corporations.

"This has always been a shadow war. This has been going on for a long time," he said.

Ukraine regained its independence in 1990 after decades of Soviet control.

In 2015, Russia's state-sponsored hackers brought down Ukraine's power grid, leaving 236,000 people without power, Johnson told Lake County Advancement Committee members at a luncheon at Teibel's Restaurant.

In 2017, Russia attacked Ukraine's financial systems, wiping out data. "It was literally to destroy the data and other information on these systems," he said.

That same attack caused the radiation monitoring system at the Chernobyl nuclear power plant to go offline. A 1986 accident at Chernobyl resulted in 30 deaths, according to the World Nuclear Association. The group blamed a flawed reactor design and inadequately trained personnel.

"Some of the sites for Russia have also been brought down by Ukrainian hackers," Johnson said.

Johnson is concerned about deepening diplomatic relations between China and Russia and their attacks on US computer networks. Those two countries along with North Korea and organised crime, are the four top sources of malware, he said.

Cyberattacks by state-sponsored hackers aren't limited to Russia, China and North Korea. A computer virus is credited with slowing Iran's development of nuclear weapons.

Here in the United States, cybersecurity threats are detected and contained an average of 287 days after the initial breach. Johnson put that in perspective. If a security breach happens on Jan 1, it wouldn't be detected and remediated until Oct 14.

"We hear about cybersecurity all the time, and yet we aren't making any progress," Johnson said. "In fact, it's getting worse."

The problem is so bad that cybersecurity insurance providers are losing money. In response, they're increasing premiums and raising the bar on what's considered best practices that clients must follow to be fully covered, Johnson said.

A security breach costs an average of US$4.24mil (RM17.84mil) globally but US$9mil (RM37.86mil) in the United States, he said.

Ransomware is a common problem. A hacker gains control of a computer system, deletes backups and demands payment to restore control to the owner. "We recommend don't pay the ransom. You're better off restoring to one of those old backups," Johnson said.

Victims who pay the ransom often don't get all their data back anyway.

Preparing for attacks like that includes having three backups on two types of media with one of them stored offsite — the 3-2-1 rule, he said.

Among the cybersecurity challenges Johnson is worried about is the increasing number of Internet-connected devices is a threat, too. Cable boxes and pacemakers have been hacked, he noted.

The skills gap is an issue, too. There are far too few cybersecurity professionals. Some are training for that career, but it will take time to get them out of college and up to speed. – The Times, Munster, Ind./Tribune News Service

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!
   

Next In Tech News

Exclusive-Grab sees no big layoffs despite weak market
Opinion: Profits and security? Who cares
Opinion: Just reboot it
Tech workers flooded Hawaii in the pandemic. With remote work on the decline, what now?
‘Omega Strikers’ is a mish-mash of genres that somehow works
Australia's Optus contacts customers caught in cyber attack
A world without passwords: What Big Tech's switch to Fido 2 means
Hanoi closes Instagram hotspot 'Train Street' over safety concerns
’FIFA 23’ will let you play as fictional football coach Ted Lasso
Bankrupt crypto lender Voyager's CFO to exit months after appointment

Others Also Read