INDIANAPOLIS — After the City of Gary was hit with a cyber ransomware attack, it had to rebuild its servers. LaPorte County ended up paying cyber criminals $132,000 after it was hit with ransomware.
Lake County government, Eastern Hancock schools and a hospital in Greenfield have been victims, as has the City of Carmel, and Lawrence County.
Lawrence County officials, including the sheriff and county commissioners put out this statement:
"On February 7, 2020, we discovered that certain systems and services within Lawrence County Government were rendered inoperable due to a ransomware event. As soon as we became aware of this, we immediately took steps to secure our network and commenced an investigation to determine what happened. We are working with the appropriate state authorities to try to resolve this incident. In addition, leading third party experts have been engaged to assist with our response to this incident."
In Lake County, according to the NWI Times, its IT staff ended up installing cybersecurity software on 3,000 individual employee laptops. They are also working through installing cybersecurity to clear the ransomware on 40 county servers.
Earlier this month, CNN's Jake Tapper asked U.S. Energy Secretary Jennifer Granholm if cyber criminals had the capability to shut down the U.S. power grid. “Yeah, they do,” Granholm responded. “There are very malign actors who are trying, even as we speak. There are thousands of attacks on all aspects of the energy sector and the private sector generally. It’s happening all the time. This is why the private sector and the public sector have to work together."
“The bottom line,” Granhold said, “is we have all got to up our games, with respect to our cyber defenses.”
This threat isn't new. In 2018, Director of National Intelligence Dan Coats told National Public Radio, "Each morning when I get up, I'm given a roundtable of news on what happened while I was asleep, or what happened yesterday around the world. And almost without fail, the longest section of this news roundup is the section on cyber issues, which details multiple reports of cyberattacks and alerts."
Coats continued, "It was in the months prior to September 2001 when, according to then CIA Director George Tenet, the system was blinking red. And here we are nearly two decades later, and I'm here to say the warning lights are blinking red again. Today, the digital infrastructure that serves this country is literally under attack. Every day, foreign actors — the worst offenders being Russia, China, Iran and North Korea — are penetrating our digital infrastructure and conducting a range of cyber intrusions and attacks against targets in the United States."
"In regards to the state actions," Coats explained, "Russia has been the most aggressive foreign actor — no question."
For instance, Trickbot malware is associated with Russian criminal groups that have often worked in collaboration with Russian intelligence services, including those responsible for the interference in the 2016 U.S. presidential election, according to Lawfare Blog. "U.S. Cyber Command targeted this malware in autumn 2020 in an unprecedented use of military offensive cyber operations to disrupt a purely criminal operation," Lawfare's Jason Healy reported.
Speaking to the Indianapolis Economic Club in 2019, Coats explained, “The technological changes in the private sector and around the world are evolving so quickly.” While Presidents Xi in China and Putin can make unilateral weapon system decisions, American presidents need to go through Congress, through legislating, budgets, authorizations and appropriations. “The change in technology is so fast, a government process cannot keep up. Decisions have to be made. Dictatorships and monarchies don’t have that system. A dictator can say, ‘I want this, do it in six months. Get it done.’”
Heading into President Biden's summit with Russian President Vladimir Putin this week, the fresh headlines included cyber attacks on American pipelines (which created gas shortages and long lines at the pumps in Southeastern U.S.), its biggest meat packing company, and an array of public transit systems, hospitals, and universities.
Russia has been a haven to cyber criminals who have been creating cyber mayhem, with the imprimatur of Putin. "He knows there are consequences. He knows I will take action," Biden said, adding that he told Putin that the U.S. has “significant cyber capability.”
"He knows it," Biden said. "He doesn't know exactly what it is, but he knows it’s significant. If in fact they violate these basic norms, we will respond."
Back at the height of the Cold War with the since-collapsed Soviet Union, U.S. intelligence operatives seeded faulty pipeline technology to spies, with U.S. reconnaissance finding ruptured installations as a result.
Biden said he provided Putin a list of 16 sectors of "critical infrastructure" that should be "off-limits for cyberattacks."
"The principle is one thing, it has to be backed up by practice," Biden said. "Responsible countries need to take action against criminals who conduct ransomware activities on their territory.”
Will Biden's warning to Putin bear results?
Perhaps we will know if the cyber attacks stop, or if the lights in Moscow flicker off one night.
The columnist is publisher of Howey Politics Indiana at www.howeypolitics.com. Find Howey on Facebook and Twitter @hwypol.