Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
President & CEO
Computer Business Consultants

“Hackers Hit JBS, the World’s Largest Meat Processor.” That’s the headline in The Washington Post about another attack on a crucial supply chain, coming just weeks after the shutdown of the Colonial Pipeline. JBS announced the attack against its U.S. and Australian operations over the weekend. Fortunately, according to The Washington Post, “Its backup servers were not affected. The company is working with an outside cybersecurity firm to restore its systems.” The JBS attack is also an attack on livelihoods, affecting the workforce both directly and indirectly: JBS employees, and employees of its customers and vendors, feel the effects while JBS Foods restores its IT operations. One sign of the impact is this headline from Minnesota’s Star Tribune: “Shifts canceled at Worthington meat plant after JBS hit by cyber attack.” Attacks on supply chains are worrisome because of the big impact they can have on the general population. Attacking the food supply is especially egregious and underscores the need to better protect the nation’s IT infrastructure. More to come in next week’s Security Roundup, when we will be able to better see the financial impact of this attack.


Microsoft Shares More Bad News About Russian Hacking. I think the news from Microsoft last week, released in a security blog headlined “Another Nobelium Cyberattack,” caught many by surprise. The same Russian cyber espionage group linked to the massive SolarWinds breach was at it again. This time, it used hacked credentials from the mass mailing service Constant Contact to send phony e-mails, pretending to be from the United States Agency for International Development (USAID), to more than 3,000 individuals associated with more than 150 organizations that regularly receive email from USAID. The New York Times published images of the official-looking phishing e-mails, which carried the headline: “USAID Special Alert: Donald Trump has published new documents on election fraud.” Below that headline was a button labelled: “View documents.” Anyone clicking on that button would unleash malware that would give the Russian hackers control of their computers. Microsoft VP Tom Burt, author of the blog announcement, wrote: “At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work. Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts.” Forbes writes that targeting humanitarian and human rights groups suggests “It was a deliberate attack on groups that have been critical of Russian President Vladimir Putin and his administration.”


Are We Seeing a New Form of the Old Cold War? Those of us working in cybersecurity can see what appears to be an escalation in attacks on U.S. critical IT infrastructure. A casual reader of headlines may see SolarWinds . . . Colonial Pipeline . . . USAID . . . as just a parade of hacks. But there seems to be a chilling escalation, as hackers from Russia—and other nation states—seem to be able to breach our systems at will, and to do so broadly. Anyone who was alive prior to the old Soviet Union collapsing in 1991 will recall the constant headlines about a Cold War between the Western democracies and the Eastern European countries dominated by the old USSR. Typical headline: “Is the Cold War Heating Up?” One could ask the same about what’s happening now in cyberspace. As with the Cold War, the question is always: what is the proper response? In retrospect, the beauty of the Cold War was that it never became a hot war. You can see the same arguments today. The New York Times quotes James A. Lewis, of the Center for Strategic and International Studies in Washington, as saying: “The U.S. tends to get too hung up on proportionality. We were too cautious in responding to SolarWinds and that turned out to be a mistake. The way you set boundaries is through action, not by sending them nasty, diplomatic notes.” On the other hand, The New York Times says American officials have often been reluctant to respond to cyberaggression in kind, in part because the country’s own defenses are so inadequate. The paper quotes Kiersten Todt, Managing Director of the Cyber Readiness Institute, as saying: “Until we are confident in our own ability to deflect Russian cyberattacks, our actions will continue to be driven by concerns over what Putin will do.”


Placing a Spotlight on Security. Recent attacks against U.S. IT infrastructure have certainly shone a much-needed spotlight on security. The Washington Post reports that at the same time discovery of the USAID attack was being announced, Senate confirmation hearings were underway for Robert Silvers, President Biden’s nominee to become the Department of Homeland Security’s (DHS) Deputy Secretary for Strategy, Policy and Plans. Silvers testified, “Recent incidents from SolarWinds to Colonial Pipeline have only further highlighted the urgency to secure critical infrastructure and federal networks from cyber attacks. If confirmed, I will focus closely on fortifying DHS efforts on this critical work.” There will be plenty to do. The Washington Post notes, “Several cybersecurity-related agencies lie within DHS, including the Cybersecurity and Infrastructure Security Agency, or CISA, the U.S. government’s top civilian cybersecurity agency; the Transportation Security Agency, or TSA, which oversees pipeline security; and the Secret Service, which conducts some cybersecurity investigations.”


Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. He is a member of the Florida Police Chiefs Association and advises law enforcement agencies on cyber security. Pownall serves on several boards and committees, has a strong affiliation with various arts and education groups and local school districts, and has served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He’s served as a Vice President of the Board of Directors for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.