Smaller US Cyber Attacks Could Mean Bigger Problems
A recent hack involving a substantial city law computer system in New York over the weekend could be yet another clue that foreign bad actors are gaining ground.
The New York City Law Department was forced to disable their own computer network on Sunday afternoon after detecting a cyber attack within the 1,000-lawyer agency that represents the city in court. The breach was first detected on Saturday, but by Monday morning, access to the network was still limited due to “connectivity” problems.
“No one is currently able to log on to the Law Department’s computer system,” New York City lawyer, Katherine J. Weall, wrote in an email on Monday. Another lawyer for the department had to file for an extension on a deadline with a federal judge in Manhattan due to the outage.
Later in the day, city officials confirmed that a cyber attack detection had forced them to disable the Law Department’s entire computer network on Sunday afternoon. According to officials, the weekend attack on the legal system is now under investigation by the intelligence bureau of the New York Police Department and the FBI’s cyber task force.
Mayor Bill de Blasio made a television appearance on Monday evening to reassure the public that there was no real evidence of any compromised data and there had been no ransom demand. But, de Blasio also warned that the situation was still “emerging.” Laura Feyer, a spokeswoman for Mayor de Blasio, told The Daily News, who first broke the story: “[The City’s Cyber Command] promptly launched an investigation into the matter.” Feyer went on to explain, “As the investigation remains ongoing, the City has taken additional steps to maintain security, including limiting access to the Law Department’s network at this time.”
Despite the lack of a ransom request or proof of a substantial information breach, this latest hack is especially concerning — this system houses one of the biggest law offices in the country that handles lawsuits, city contracts, and legislative proposals. Private information, such as social security numbers, are also at risk in a system breach of this kind.
While this technological hack does not appear to be immediately detrimental in terms of stolen information, and it does not create the same shortage and safety issues that the recent Colonial Pipeline Company and JBS meat processor attacks posed, it still presents a different sort of danger. Not only has another breach occurred within a US government system, the types of institutions that are being targeted, when assessed as a part of one long-ongoing hacking experiment, represent a very diverse and complex system of targets that could force a complete shutdown within the United States if the attempted hacks are simultaneously perfected.
Data technology is essentially two-pronged: it involves the software that drives information and the software that enables operations, commonly referred to as information technology (IT) and operational technology (OT) respectively. Plainly put: IT runs the books, while OT keeps the factory running.
The information technology is typically the first targeted with weaponized software, or “malware,” because this area holds the data that can be monetized. Additionally, the IT side is more exposed to the internet, which means it is more vulnerable to bad actors attempting to hack into the system. The results from these types of money-driven system attacks have primarily meant some customer data loss, identity theft, and some fraud losses.
The Colonial Pipeline Company and JBS meat processor hack attacks have provided another layer of threat — one that has the potential to create a sourcing disaster while possibly obfuscating actual intent. Hackers that demand ransoms to restore system operations and access could be bad actors who are just in it for the money, or it could be a more insidious way for a foreign government to camouflage its role in an attack by deflecting responsibility.
Hostile intelligence agencies in Russia, China, and possibly Iran can remotely disrupt the electric grid within the United States and the delivery of vital goods and services. The federal government formally assessed and publicized the threat years ago. Despite knowing about these cyber weaknesses and the possible diplomatic and geopolitical ramifications to the US, little has been done by the federal government to find a solution to lessen or stop the ongoing threat.
If the most recent hacks are the work of a unified collective, then the system attacks at various levels that have the potential to disrupt civil and corporate operations should be cause for even more alarm. The possibility that several different types of hacks are currently being attempted as practice in perfecting one massive multi-system hack is a genuine possibility.
Considering that several state-wide election systems were breached in 2016, it might be that the next Midterm election is not the end-goal but rather another practice attempt to perfect a Presidential Election hack in 2024. While gas shortages and inference with national food supply is a scary proposition, smaller attacks like the one on the New York City Law Department could be cause for more concern and could represent the evolving skill and diversification by a substantial foreign enemy.
Amee Vanderpool writes the SHERO Newsletter and is an attorney, published author, contributor to newspapers and magazines, and analyst for BBC radio. She can be reached at avanderpool@gmail.com or follow her on Twitter @girlsreallyrule.
Paid subscriptions and one-time tributes embedded in each article, allow me to keep publishing critical and informative work that is sometimes made available to the public — thank you. If you like this piece and want to support independent journalism further, you can forward this article to others, get a paid subscription or gift subscription, or donate once through the tribute options above. Thank you for your support!
Well, this is all thoroughly horrifying.
And you can be assured that Republicans in Congress will NEVER approve funding to do ANYTHING to prevent future cyberattacks. They're all in on the Russian/Otherkin (alien?) manipulation of our electoral systems.