Home » Cybersecurity » SBN News » This week in cybersecurity: Fighting hackers with missiles

This week in cybersecurity: Fighting hackers with missiles

On Saturday, Israel Defense Forces (IDF) bombed a building in the Gaza Strip that they say housed Hamas hackers attacking Israel. The airstrike decimated the alleged hacker headquarters, marking the first time military force has been used as a direct response to a cyberattack. NATO declared “cyber” an official warfare domain in 2016, adding it to “land, sea, and air” in terms of where battles can be waged and fought. Israeli authorities claim an attack against the nation’s “cyberspace” led the IDF first to deal with the problem in the digital dimension, using cybersecurity to shut down the cyberattack, then deal with it in the physical dimension using the air strike.

Quote of the week

“After dealing with the cyber dimension, the Air Force dealt with it in the physical dimension.” – Israeli Defense Force spokesperson Brig. Gen. Ronen Manlis, on the IDF military response to a cyberattack.

It should be noted that the IDF and Hamas were already engaged in warfare in the Gaza Strip at the time, causing perhaps a stronger retaliation to a cyberattack than if a conflict had not been present. US Secretary of State Mike Pompeo condoned the retaliation, commenting, “The Israelis have every right to defend themselves.” In 2015, the US itself launched a drone strike to kill Junaid Hussain, an Islamic State hacker who had compromised US military intelligence. But while that strike took planning and recon first, the IDF airstrike on Hamas was immediate.

RobbinHood holds Baltimore ransom

The city of Baltimore was hit Tuesday with the aggressive ransomware known as “RobbinHood.” The cyberattack locked up most of the city’s municipal servers, causing chaos and confusion amidst residents trying to pay utility bills, city taxes, and property debts. City emergency services such as 911 are still in operation, but city hall and the police station have been digitally frozen and forced to rely on pencil, paper, and old-fashioned phone calls to keep the city running.

Avast Security Analyst Luis Corrons says the attack was systematic and deastating. “This is not the typical random attack that can affect anyone. We are talking here about a targeted attack where the attackers gain access to the victims’ network and after some reconnaissance move laterally through the network to identify and access all systems they want to compromise. Once there they launch a full-scale attack against them – in this case using ransomware.”

The mayor’s office firmly stated that it would not be paying the hackers’ $76,000 demand in return for unlocking the city’s files. Instead, city cybersecurity officials continue looking into decryption methods while also working with the FBI to identify the attackers. The city of Greenville, N.C., suffered a RobbinHood attack last month, and authorities want to discern if the attacks are related.

Fact of the week

The amount of live, reachable Dark Web sites makes up less than 0.005% of about 200 million surface Web domains.

A breach of Freedom

The fourth-largest Canadian telecommunications enterprise, Freedom Mobile, revealed that a data breach this week exposed the sensitive info of 15,000 customers. The breach was first reported by cybersecurity experts who stumbled upon an unprotected database online containing 1.5 million lines of information. Personal data such as email addresses, phone numbers, birthdates, IP addresses, and credit card numbers including the security codes were found among the exposed info.

The Calgary-based telco states that the breach was caused by Apptium Technologies, a third-party company recently brought in to streamline the retail systems. The only customers affected, the company claims, are those who visited one of 17 specific retail stores to adjust an existing account or open a new one. There is no evidence that the info has been accessed or compromised. “We are currently contacting affected customers, and we will provide them with a solution that best suits their needs,” the company wrote in a statement to ZDNet. “Freedom Mobile has filed a report with the Office of the Privacy Commissioner of Canada and we are continuing our investigation into the matter.”

This week on the Avast Blog

The Avast Blog team reached out to the US Federal Communications Commission about its recently released first report on robocalls. Check out the FCC’s latest tips and tools for fighting back against the scammers that ring you day and night.

Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all of your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN.

 Learn more about products that protect your digital life at avast.com. And get all the latest news on today’s cyberthreats and how to beat them at blog.avast.com.