Page 67 - Cyber Defense eMagazine October 2023
Hackers; The Reality
The damage from hackers can range from the bizarre to the devastating. In July 2017, the BBC reported
how two individuals could hack into a Laserwash (automated car wash) to make it attack vehicles once
inside. “...at the Black Hat conference in Las Vegas, Billy Rios of security firm Whitescope and Jonathan
Butts from the International Federation for Information Processing showed how easily the system could
be hijacked.” Hacking in via a weak password and an outdated Windows Control System, they wrote “an
exploit to cause a car wash system to physically attack…” and “make the roller arms come down much
lower and crush the roof of a car…” The carwash hacking was more of a publicity stunt, but it proved how
vulnerable our connected world has become. There were far more nefarious incidents to follow.
Also in 2017, Equifax experienced the most significant recorded data breach. Equifax let several security
areas lapse and allowed attackers access to sensitive Personally Identifiable Information (PII), including
dates of birth, Social Security numbers, addresses, driver’s license numbers, etc., of over 143 million
customers. The hack went undetected for 76 days, and in the end, according to the Federal Trade
Commission, “The company has agreed to a global settlement with the Federal Trade Commission, the
Consumer Financial Protection Bureau, and 50 U.S. states and territories. The settlement includes up to
$425 million to help people affected by the data breach.”
In a bizarre example of reality following the fictional WarGames movie, in 2021, the Colonial Pipeline, an
American fueling company, was the target of hackers who unleashed the DarkSide (named after the
hacking group) ransomware via a legacy Virtual Private Network (VPN) system that did not have
multi-factor authentication. DarkSide stole 100GB of data and caused a fuel shortage along the East Coast.
More recently, in 2022, the Red Cross disclosed that a state-backed hacking group gained access to the
personal information (names, locations, and contact information) of over 515,000 people in the "Restoring
Family Links" program that helps reunite families separated by war, disaster, and migration.
Rise Of The Hive
Today, hackers have organized into well-structured businesses that compete for top talent, from CEOs
and HR to project managers and coders. CNBC writes that these organizations have “a leader, like a
CEO, who oversees the broader goals of the organization. He or she helps hire and lead a series of
project managers, who execute different parts of each cyberattack.” The news article explains that
“Criminal groups also have aggressive salespeople work to displace their competitors by stealing
territory,” and that some groups “offer DDoS-for-hire services.”
Several hacking groups are more prolific than others, and a few have become infamous in the last few
years—the Hive group is one such gang. Active since 2021, the Hive made its name by successfully
targeting several healthcare providers in the U.S., then moved to schools and colleges, government
agencies, real estate companies, and even police departments across the country. Not shy about
boasting about its crimes, the group even posts details of some of them on its dark web blog.
Instead of solely conducting attacks, Hive realized it could make even more money by selling
its software to other groups or individuals, creating the Ransomware-as-a-Service (RaaS) model. This
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.