Cyberattacks increased 38% worldwide last year, and now cybersecurity experts are issuing this urgent warning – critical U.S. infrastructure security breaches and shutdowns may soon be coming. A former C.I.A. hacker turned cybersecurity analyst says the government must act before it’s too late.
Was the computer network failure that recently grounded all U.S. air traffic for the first time since 9/11 human error or a cyberattack? While the Federal Aviation Administration insists human error led to the outage, Canada experienced a computer outage the same day.
“This is what I would categorize as highly suspicious because these systems have redundancy, they have backups, they have ways to be able to recover,” explained cybersecurity expert Eric Cole, C.E.O. of Secure Anchor.
“So when I hear that there was a database error and then, as you said, there were two different systems that went down on the same time. I’m like, okay, say it was human error. Keeps everyone calm, but in reality, it really does sound like a cyberattack and that something went wrong that was unplanned,” Cole said.
When looking for likely suspects in such a cyberattack, Russia would be a strong possibility because of its war against Ukraine and the help U.S. and Canada are giving the Ukrainians.
“Russia lately has always been on the list. But we also forget that China is also a big target, especially when it comes to critical infrastructure. And there are also a lot of freelance cyber adversaries that are out there that are really big on ransomware, extortion, and things like that. So from my standpoint, it sounds like what we call a test attack where they wanted to test and just see how vulnerable the systems were, whether they could get in, and how long it would take them to recover,” Cole explained.
“So to me, the critical part for the F.A.A. right now is to really figure out if it was a cyberattack, to figure out how they got in, and make sure they fix it. Because this sounds like it’s going to be one of many attacks in our future,” he said. Given the FAA software is 30 years old, Cole and other cybersecurity experts say an update is long overdue.
“Certainly, they’ll have to take a good hard look at this system, and they’ll have to identify any weaknesses or built-in redundancies or full upgrade of some kind because this was obviously problematic. But given that they were able to lift it in a few hours, you see what just a few hours does to the network when it’s down,” explained Daniel McCoy of the Wichita Business Journal.
Although President Biden signed a $1.2 trillion infrastructure bill into law last November, Cole believes some critical network issues must be considered for air traffic control and other vital national computer systems. (SOURCE)
