Cyber Hot

The White House issued a statement today warning of potential cyber incoming from Russia, and urged everyone to patch their shit.

“Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,” said the statement attributed to President Biden. The President also said that while the US government had been working to harden itself against cyber threats, etc., “the Federal Government can’t defend against this threat alone.”

All the infosec and cyber jockeys in the back of the Meta virtual room did the slow clap, because honestly we have been trying to get everybody to adopt defense in depth and multifactor and to patch their shit since 1999, and honestly we feel like very few people have really seen us like Biden sees us right now. Kinda makes us blush. But honestly, it’s a little too late for that.

For instance, the Log4j vulnerability, despite being called out in high-profile media warnings (including some that quoted me), is still widely exploitable and being used for backdooring into hundreds of networks. There are still Microsoft Exchange servers that have not been patched against ProxyShell. And there are even older vulnerabilities that are out there left unattended, mostly because somebody lost track of what they had running on their computers and never checked for fixes.

So, if Russia were to throw us a wiper worm right now using a well-known vulnerability–sort of in the same way they did with NotPetya and the North Koreans did with WannaCry–maybe not everyone would be affected. But soft targets with undersupported IT and tons of tech debt like hospitals, nursing homes, school districts, local governments, doctors’ offices, small businesses, mid-sized manufacturers, public utilities, and more would potentially be hit hard.

At the same time, if the US were to respond in kind, it could get very messy in terms of targeting because of how much infrastructure used by Russian cybercriminals, cyber militia and intelligence agencies cohabitates with legitimate western IT systems.

“In almost all data centers, we have our own racks in which our servers are located.” –VDS for haxx ad on Russian-language hacker board.

So hang onto your butts, folks. Emerging coverage will be added to this post as I have the chance to update.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: