When Cybersecurity Becomes Cyber Warfare

My last two columns have been about Cyber Security and, unfortunately, I need to take a deeper dive into that realm and talk about cyber warfare and its’ potential impact. First, we will define the difference. Cyber security deals with the hacker who wants to prove their skills or make a point and criminals who will steal or leverage data that has value. Cyber warfare is more about nation states who wish to harm the economy or infrastructure of other nation states and do not care about unintentional “collateral damage.” Cyber warfare is more oriented towards the destruction of data and infrastructure than leveraging data.

Most of us are unaware of two devastating attacks occurring last year. In May of 2017, North Korea targeted Taiwan through a semiconductor manufacturer using malicious ransomeware called “Wanna-Cry,” that spread far beyond Taiwan, costing an estimated $4 billion to $8 billion. The attack did not require human negligence to propagate the worm, because it was totally automated, looking for and exploiting a Windows Operating System vulnerability.

Even though the worm-encrypted data required payment in “bitcoins” (hard to trace cryptocurrency) for the encryption key, North Korea was more interested in showing off and demonstrating their capabilities than gaining funds through illegal actions.

The second, and much more devastating attack, was perpetrated by Russia against Ukraine. The Russian military infected a single Ukraine-based server that provided updates to an application called M.E.Doc; essentially, it is a Ukrainian version of Quickbooks used by everyone who files taxes or does business in the country. This malware, called “NotPetya” (a play on words - Petya is a known ransomware also attributed to Russia as the point of origin), was a cyber bomb. It did not simply encrypt data and hold it for ransom, the application irreversibly encrypted the computer/server master boot records that tell the computer where to find its own operating system. No key even exists to un-encrypt the file—the computers could not even restart.

Within hours, it raced around world crippling; hospitals in Pennsylvania, a chocolate factory in Tasmania, international companies like Danish shipping line Maersk, pharmaceutical giant Merck, FedEx European subsidiary, and even back in Russia, the Russian state-owned oil company—Rosneft. The low end of total costs is currently hitting $10 billion. For example, Maersk, with 18,000 container vessels at ports around the world, had to rebuild their entire system from scratch. That is 4,000 servers and 45,000 computing devices in 157 countries, with all of the applications and databases. Yes, they had backups, but they had to start with brand new devices or completely wipe existing computers and reload them like the manufacturer does at the factory.

In both situations, it started with a cyberattack perpetrated by one nation state targeting a nation state they considered their adversary. Yet, these cyber weapons could not be controlled once they were released and damaged many businesses.

Why am I writing about Cyber Warfare in a school facilities magazine? It is simply part of the world we live in. There is irony that of the two primary hacker tools used by NotPetya, one was created by the US National Security Agency (NSA) and leaked in a security breach!!! If the NSA can get hacked, there are no boundaries in cyber warfare, and your district is at risk.

The information currently being released regarding both attacks indicate the entry points were servers or computers using Operating Systems no longer supported by the developer. Microsoft released a security patch that addressed the vulnerability exploited by NotPetya, but those patches were never received by servers and employee computers running software versions no longer supported by Microsoft. A second point of post-event analysis was the lack of network segmentation.

The message to your cabinet is that the district IT systems are at risk. Protection means providing a budget sufficient to keep all of the server and computer operating systems current. That may have a cascading effect.

If your old application cannot run under the new server version, you have to upgrade your application. Segment your network using Identification and Authentication Management tools so that your firewall monitors the public and private side of your network looking for suspicious activity. Make sure all security patches have been installed, that your backups occur daily, and your security subscriptions are up to date.

This article originally appeared in the School Planning & Management October 2018 issue of Spaces4Learning.

About the Author

Glenn Meeks is president of Meeks Educational Technology located in Cary, N.C. He can be reached at [email protected].

Featured

  • Greenheck Launches New Series of Rooftop Units

    Air movement, control, and conditioning solutions provider Greenheck recently launched a new line of rooftop units that merge the conveniences of traditional rooftop ventilators and dedicated outdoor air systems, according to a news release. The Model RT controls temperature and humidity for indoor comfort.

  • Clemson to Launch North America’s Largest College Campus Smart Parking Program

    Clemson University in Clemson, S.C., recently announced a partnership with smart parking and curbside management solutions provider eleven-x to launch a smart parking initiative for its population of 29,000 students and faculty, according to a news release.

  • Rice University to Build New Student Life Complex

    Rice University in Houston, Texas, recently announced that a groundbreaking ceremony for the upcoming Moody Center Complex for Student Life (MCCSL) will take place on May 8, 2025, according to a university news release. The 75,000-square-foot facility was designed by architecture firm Olson Kundig with Page serving as executive architect, and it has an estimated completion date of fall 2027.

  • KI Wall Demonstrates New Solutions at NeoCon 2025

    KI Wall attended NeoCon 2025 in Chicago, Ill., last month to showcase its new architectural wall systems and collaborations, according to a news release. Its customizable, design-forward wall solutions are intended to support creativity in work, education, and healthcare environments.

Digital Edition