Why politically motivated cyberattacks might be the new normal

June 30, 2017 by Jason Kornwitz, Northeastern University
Credit: Adam Glanzman/Northeastern University

An international cyberattack struck parts of Europe, Asia, and the United States on Tuesday, crippling tens of thousands of computers at banks, hospitals, and government offices worldwide. Initial analysis found that the attack was designed for profit, with the hackers demanding $300 in Bitcoin in exchange for unlocking victims' screens. But further evidence now suggests that the malware was a "wiper," designed to destroy data on targets' storage systems regardless of whether they gave in to the monetary demand.

"Initial reports suggested that this was a variant of an existing strain of ransomware," said Wil Roberson, assistant professor of science at Northeastern, who specializes in detecting and preventing web-based . "But it turns out that it was designed purely for destructive purposes."

The malware originated in Ukraine on the eve of the country's Constitution Day, leading one computer scientist to speculate that it was "aimed at generating chaos, not money." According to a New York Times report, many Ukrainians have cast their suspicions on Russia as the culprit.

Was this a state-sponsored attack? John Manferdelli, executive director of Northeastern's Cybersecurity and Privacy Institute, is not 100 percent sure. But he said "it certainly smells bad," referring to the high probability that Russia is the source of the virus.

Manferdelli himself is the former engineering director for production security development at Google. He noted that "cyberattacks are nothing new," explaining that hackers have been using ransomware and stealing intellectual property for years. But he added that politically motivated hacking might be on the rise, the new normal. "People forget that cyberattacks were quite common five or even 10 years ago," he explained. "What's different now is the motivation."

Robertson agreed, saying that we'll "certainly see more and more nation-state malware cropping up as cyberspace becomes more militarized as a way to achieve geopolitical goals."

This wiper attack—like last month's WannaCry ransomware attack—reportedly used hacking tools that were stolen from the National Security Agency and leaked online by a group called the Shadow Brokers. WannaCry infected more than 300,000 computers in over 150 countries worldwide, making more than $80,000 in the process. The hackers behind the wiper, dubbed "Petya," have made less than $10,000, reinforcing the theory that money was not their primary motivation.

Robertson and Manferdelli advised ransomware victims not to pay up, even if doing so would allow them to recover their data. "Typically you don't want to pay the ransom, because there's no guarantee that you'd get your files back and you're really just sending money to a criminal enterprise," Robertson explained.

Carla Brodley, dean of the College of Computer and Information Science, noted that people could protect themselves from future attacks by updating their software and backing up their data. Running an out-of-date system, she said, is a surefire way to be hit with the next WannaCry- or Petya-like attack. "When your auto update pops up on your computer screen when you're watching Orange is the New Black," she said, "stop binge-watching the show and update your system immediately."

Explore further: Ransomware, the weapon wielded in cyber attacks

Related Stories

Alarm grows over global ransomware attacks

May 12, 2017

Security experts expressed alarm Friday over a fast-moving wave of cyberattacks around the world that appeared to exploit a flaw exposed in documents leaked from the US National Security Agency.

Recommended for you

Printing microelectrode array sensors on gummi candy

June 22, 2018

Microelectrodes can be used for direct measurement of electrical signals in the brain or heart. These applications require soft materials, however. With existing methods, attaching electrodes to such materials poses significant ...

EU copyright law passes key hurdle

June 20, 2018

A highly disputed European copyright law that could force online platforms such as Google and Facebook to pay for links to news content passed a key hurdle in the European Parliament on Wednesday.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.