In our ever growing and rapidly changing new world, cyberattacks have become more prominent, and more advanced, with a wide range of motivations. These intentional and malicious attempts by persons or groups to compromise information systems can only be expected to continue to escalate in the coming years.
In fact, cyberattacks are the new and improved way of going to war. Countries make use of these attacks in place of actual military warfare. It can be used as a method of deterrence, or retaliation between countries, proving to one another just how unpleasant a country could make life for the other, proving to be another potent weapon of choice. With conflicting views and the power struggle that exists in Asia, cyberattacks have become increasingly prominent.
Over the last few years, there have been some large and threatening cyberattacks in that region. Countries like North Korea, Japan, and India, to name a few, find themselves battling each other in the realm of cyber to push their own agendas and confront decisions that they do not necessarily agree with.
Some of the biggest cyberattacks in Asian history include the Sony Pictures Hack of 2014, the WannaCry Ransome Attack of 2017, and the Indian Cyberattacks of 2020.
1. The Sony Pictures Hack (2014)
The Sony Pictures Hack of 2014 was carried out by hackers in North Korea in retaliation to the film “The Interview”. The first trailer for the comedy film was made public by Sony Pictures Entertainment in June 2014, with an October 2014 release date. The narrative of the movie centered on two Americans who host a well-known talk show being enlisted by the CIA to interview and ultimately kill North Korean political leader Kim Jong-un.
North Korean officials expressed their dissatisfaction with the film's subject matter a few weeks after the trailer was made public. In particular, North Korea's envoy to the UN asserted that it was "an act of war" to distribute a movie that showed the death of Kim Jong-un. A foreign hacker organization called the Guardians of Peace (GOP), also known as The Lazarus Group, used sophisticated malware to breach SPE's network around a month prior to the film's scheduled release. This infection had a digital backdoor that allowed the crooks to repeatedly access the company's network and managed to elude SPE's antivirus program.
One morning, SPE employees saw a frightening message from the GOP as they logged into their work devices. According to GOP, the cybercriminals had taken several gigabytes of SPE's intellectual property and sensitive data, erased the original copies from all business devices, and threatened to make the information public if SPE didn't comply.
The GOP continued to use the malware's digital backdoor as a covert entry point even after SPE was able to re-enter its network. Over the course of the following several days, the GOP went on to share the company's information to the public and media, including a number of private emails exchanged between SPE staff members and movie executives, as well as personal records of thousands of current and former workers. Additionally, the GOP uploaded five of SPE's films—four of which had not yet been released—to online sharing platforms, resulting in millions of illegal downloads. SPE is estimated to have paid at least $35 million in the process of recovering from the hack, not including lost revenue from the illegally released films.
Image credit: Sony Pictures, 2014.
2. WannaCry Ransomware Attack (2017)
One of the most infamous ransomware attacks, WannaCry, took advantage of a Windows software flaw that was published in May 2017. It caused billions of dollars in losses from hundreds of thousands of infections, the effects of which are still being felt today. Investigators identified the attackers as The Lazarus Group, a gang of North Korean hackers that took advantage of a Windows vulnerability that the US National Security Agency (NSA) had unearthed.
In April 2016, the Shadow Brokers, another hacking collective, took advantage of the vulnerability, which was discovered in older Windows computers. Computers who hadn't updated were still at risk because this was only a month after Windows published updates to fix the issue. The nature and delivery of WannaCry were unique. Ransomware assaults are often isolated, affecting only devices that come into contact with the malware distribution system—for example, through links or websites that have been compromised. But because WannaCry was a worm, it could spread to other devices by using compromised PCs.
A world map shows where computers were infected by WannaCrypt ransomware since Sunday, as recorded by MalwareTech.com.
Indian Cyberattacks (2020)
Amid geopolitical tensions with China, there have been reports of an increase in cyberattacks in India, with a special focus on the government and vital infrastructure. One noteworthy instance featured a string of assaults on the Indian power industry, which sparked worries about the vulnerability of digital infrastructure and national security. After the power outage, it was publicly announced that the State cybercrime unit's investigation had revealed a potential cyber sabotage of the Maharashtra State Electricity Board system, which caused a power outage throughout Mumbai on October 12, 2020. In a plot twist, however, it was later reported that the outage was cascade tripping, due to a line going down 10 days earlier in a rainstorm. The end result, however, has caused the government to become more aware of and vigilant about their vulnerabilities.
Cyberattacks continue to threaten our information systems, as they continue to increase in popularity and in severity. If the last 10 years has taught us anything, it’s how important it is to combat these attacks as they become more common as a use of warfare and grow exponentially more advanced with new knowledge and training. These attacks have the power to destroy our information systems as we know and use them, making everyone more vulnerable.
Woman cooking in the dark due to power cuts.
Comments