A Valuable Lesson In Cyber Warfare
By Hubert Yoshida, posted 05-25-2021 19:06
The Colonial Pipeline Ransomware story continues to provide valuable lessons in Cyber Security. The latest lesson is reported by Technologyreview.com.
One of the cardinal rules of the cat-and-mouse game of cyberwarfare: Don’t let your opponents know what you’ve figured out.
During World War II, the British had figured out how to decipher the Germans’ Enigma cipher machine as early as 1942 and had knowledge of German troop and supply movements during most of the war. The Germans believed in the invincibility of the machine, since the Enigma Machine had 13x10^114 possible cipher patterns, which would be impossible to decipher by brute force. Despite the Enigma’s technical sophistication, Dr. Alan Turing and his team of hackers at Bletchley Park were able to crack the codes through a combination of mathematical genius and the exploitation of weaknesses in the hardware, human error, procedural flaws, and leaks of key information. This helped Allied forces break Enigma ciphers and allowed them to read many of the messages and gain advantages which eventually led to Allied victory and the shortening of the war.
Of course, great care had to be taken over Allied use of Intelligence derived from breaking Enigma. If the Germans had suspected that the Enigma ciphers had been broken, they would have taken countermeasures that would have made the ciphers even more difficult to decipher. No one on the Allied side was permitted to base any action on a decrypt, unless there was also another way in which the relevant Intelligence might have been acquired. This meant that in some cases preemptive action could not be taken to prevent the loss of lives. The care with which Enigma-derived Intelligence was handled prevented its source from being discovered, and this, together with Germany’s unjustified faith in the machine’s power, meant that knowledge of Allied breaking of Enigma remained a secret not just throughout the war, but until 1974, when The Ultra Secret, a book written by RAF Intelligence officer Frederick Winterbotham, revealed the truth.
In the case of Colonial Pipeline and the DarkSide Ransomware attack, two researchers, Fabian Wosar and Michael Gillespie, had noticed a flaw in the ransomware that DarkSide was using to freeze computer networks of dozens of businesses in the US and Europe and had begun discreetly looking for victims to help. Had Colonial Pipeline contacted these researchers before DarkSide changed their code, they could have recovered their data without paying the ransom of 75 Bitcoins, which at that time was about $4.4 million.
Unfortunately, a Romania-based cyber company, Bitdefender, discovered the same flaw and made a public announcement that companies facing demands from DarkSide could download a free tool from Bitdefender and avoid paying millions of dollars in ransom to the hackers. By publicizing its tool, Bitdefender alerted DarkSide to the flaw, and the next day DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.”
“Special thanks to BitDefender for helping fix our issues,” DarkSide said. “This will make us even better.”
By the time Colonial Pipeline was hit by DarkSide in May, the flaw was fixed and Colonial had to pay the ransom in order to restore service to the Eastern United States.
From BitDefender’s perspective, it might have seemed like a marketing coup to be able to announce a decryption solution to DarkSide, but from a Security perspective it was a disaster. You don’t want marketing people to run a security firm.
Comments
Chayan Sarkar
05-04-2022 11:51
Nicely written, thanks
Dipta Kundu
04-27-2022 02:52
Thanks for sharing