The H4unt3d Hacker on Ukraine Crisis and Cybersecurity

Charlene O’Hanlon and the H4unt3d Hacker, Mike Jones, discuss the ongoing Ukraine crisis, what’s not being discussed about the current situation and what’s next when it comes to cybersecurity. The video is below, followed by a transcript of the conversation.

This episode of Techstrong TV originally aired on February 28, 2022.

Charlene O’Hanlon: Hey, everybody. Welcome back to Techstrong TV. I’m Charlene O’Hanlon and I’m here with Mike Jones, the H4unt3d Hacker. Mike, thanks so much for being here. I want to talk to you about what’s going on with Russia and Ukraine. And I know you are in high demand these days, especially with respect to this particular situation that’s going on. But I feel like a lot of the conversations around what’s – what has been happening, especially from a cybersecurity perspective, they’re all kind of linear conversations. And I don’t know if you understand what I mean by that, but I feel like we’re all having the same conversations but I think there’s a lot more to unpack about this. So, I kind of want to open it up to you by asking you the question: What is not being talked about when we’re – when we are discussing Russia-Ukraine and cybersecurity?

Mike Jones: Absolutely. And it’s a pleasure being here. It’s always a pleasure. So, just a couple things to start out with. They started this campaign against Ukraine by launching ballistic missiles into the Ukraine. The significance of that is they weren’t equipped with nuclear warheads but that’s one of the types of missiles that nuclear warheads are predominantly carried on. And that was a message to the West of “Hey, this is for real. This is serious stuff.”

But from a cyber standpoint – so, there’s so much going on. We’ve seen Wiper being released in Western Europe and it’s starting to move very quickly, and that started during this campaign. They’ve already hit all of the banking structure in Ukraine. They’ve hit parts of the grid there. And this is not only to enable them to walk into the Ukraine but also to send a message. We all know that they’ve already threatened the US with cyber attacks. And one of my predictions last year was geopolitical tensions will motivate attacks, and that’s what we’re seeing. And the cyber portion of it is being used as a weapon, just like we saw with the ransomware against Ukraine. And it’s spreading. It’s really fast, how this is moving. But it’s a perfect storm. And Putin took advantage of the – I guess the circumstances with the US and looked at us as being weak because we were having political tensions internally, the pandemic of course, the economy is bad, and then you take all of that and look at the response that Biden had in Afghanistan and that whole operation. And this was a perfect window for Putin.

What a lot of people don’t understand is that China is watching this whole situation play out, and if we don’t do anything offensive, then China is going to jump on Taiwan. And all of this is going to be preceded by cyber attacks, RF weapons. We’ve already seen them use RF weapons against Ukraine. And all of this is just a playbook for what’s going to happen to the US. I think the FBI just released a statement today warning Americans that the critical infrastructure for banking is probably going to be targeted, as well as the multiple grids in the US, the power grids. And that’s another thing I said last year, was that we’re going to start seeing a lot of these infrastructure attacks, and it’s just because of this geopolitical situation.

This geopolitical situation has actually been going on for quite a while. You look at China with the threats against Taiwan and not acknowledging Taiwan. And then you look at Russia and wanting to get back – and here’s where I’m kind of split, right? So, the media depicts Putin as this dictator, as this horrible person, this monster, but we fail to realize that this has been going on for 14 years. And at one point the Ukraine was part of Russia, and there’s parts of the Ukraine who don’t even acknowledge the Ukrainian government. They still say that they’re part of Russia – the separatist states.

So, politically there’s a lot of moving parts and I don’t think people take that into effect. But the biggest thing is how swiftly they hit the Ukraine banking system and completely disconnected people from their money. And the US is not, I guess, immune to that type of attack at all. And our power grid is not in any situation or any condition to handle an attack like that on a power grid.

Charlene O’Hanlon: Yeah. It’s kind of frightening when you think about the fact that so many things were hit so quickly at the onset of this. And just thinking about the way things are set up – and we’ve got the banking systems that connect to other banking systems internationally – it’s not just an isolated problem or issue in the Ukraine. This is going to have ripple effects worldwide from a – not only from an economic standpoint but also probably from a socioeconomic impact as well. So, it’s not enough for us to say, “Well, this is happening over there. We don’t really need to worry about it. It’s not us.” I think everybody is really recognizing and preparing themselves maybe mentally or even infrastructurally, if that’s a word, for the inevitable cyber attack. And so – and then you kind of throw China in on top of it – there’s a lot of things that we as a country and also from an organizational perspective we all need to really take into consideration.

Do you think that we’re going to see kind of a rapid increase in cyber threats and cyber attacks, or do you think this is going to be kind of a slow burn, if you will?

Mike Jones: I think it will get to a point where if the US makes an offensive move against Russia, it will be pretty swift. Now, if Biden sticks to his guns and says that he’s not sending troops, he’s not really truly going to get involved, it might be a slow burn. But I don’t see that happening. I see Russia finding a reason to blame something on the US or implicate them in some sort of attack, and at that point it’s going to be all out. And the sad thing is that we’ve already – we already have people that are in the critical infrastructure. They’ve been there for years. We know they’re there, and it’s just that one kill switch, and it’s just a matter of time.

Charlene O’Hanlon: Yeah. And I think that’s something that I’m not sure a lot of people really understand, just the magnitude of something like that happening. We’re talking about critical infrastructure. We’re not just talking about power/light; we’re talking about the internet. And so many organizations, if they don’t have the internet, they don’t have a business basically. So, it’s really hard for me to kind of reconcile in my head how we as a country will be able to kind of move forward and run a business and just do what we do in our daily lives without having the internet and having other parts of the critical infrastructure, I mean, because we are going to be so hamstrung on… Think about when AWS, there was an AWS outage and everybody freaked out about Slack not working correctly, or they couldn’t get their Netflix or whatever. Imagine if – I mean, you and I couldn’t be talking right now, and just so many things are reliant on the internet and – it’s kind of like I can’t even really – I just can’t even. Let me just put it that way.

Mike Jones: So, the banking system is really interesting. I had heard from somebody today that Biden was actually considering cutting off Russia from the SWIFT system, which allows them to do transactions with other countries, with the world economy. And if that happens, you can guarantee there will be an onslaught of cyber attacks against the US for sure. And it will be swift.

Charlene O’Hanlon: So, I mean, what steps are being taken now ahead of time with the recognition that there’s a probability that we are going to be attacked by Russia, at least from a cyber perspective?

Mike Jones: No, there’s people talking about it. The FBI is making statements trying to make people aware. But here’s the problem, is that a lot of people didn’t expect Russia to be that bold, to be that aggressive, and walk into the Ukraine. There was even word that they were turning around and going back to Russia, which I knew was not – that’s not his M.O. If he amasses troops, something is going to happen.

So, I don’t know if anything is being done, to be honest with you. And a lot of people that I’ve talked to, the conversation never even comes up as to what’s going on in Russia and Ukraine because it’s so far away that they don’t think it’s going to have a direct impact on them as a citizen of the US. And I mean, it’s sad but our government, we don’t have the best leaders right now. A lot of people don’t have faith in Biden. And when you look at the world’s opinion of the US and Biden as a leader there’s a reason why this has happened. They see him as being weak and they see our political structure as failing.

Charlene O’Hanlon: Well, I would hope that there would be some sort of controls in place that if we were ever under a cyber attack that we’d be able to somehow cut it off or at least stem the damage. Can we do that? I mean, is that something that the FBI or the whatever governmental organization – is that something that they could do?

Mike Jones: See, I think they could given enough time. But this is the very first time that we’ve been under a threat of a cyber attack of that magnitude. I mean, when you look at what happened to Ukraine, the whole entire banking system, we’re not used to that type of threat or that type of action against us. So, I question that. Are we ready? Have we done those tabletops of China and Russia hitting us all at once? I don’t know. I would like to think that NSA and government operations have focused really heavily on that over the past couple years as we saw the issues with China and Russia mounting. But again, that’s probably something we’ll never find out about.

And the only other way, really, is to go the route of China and have our own – block off the internet and just have our own American firewall. But again, we’re in no place to do that. And the whole purpose of the internet is so that we can do business with people across the world. If we did do something like that, it would disable us quite a bit.

Charlene O’Hanlon: Yeah. I – it would really astound me if we as a country, the governmental agencies, if they haven’t been preparing for something like this, because I can’t believe that we didn’t all think that this was going to be inevitable at some point. There have been enough indications over the years that different countries, including North Korea, they’ve done their share of damage in the past. So, it would really, really surprise me if there was not some sort of capability that they’re just not talking about because they don’t want the rest of the world to know about it, but some way of protecting our infrastructure in case of a full-scale attack. And I guess there’s a difference between attacks on critical infrastructure, kind of one-off organization; it’s quite something different when it’s an entire country that’s coming at you. So, yeah, I guess we’ll have to wait and see. And I really think that that is – that may actually be the worst part of this situation, is the fact that we don’t know, and we don’t know what we don’t know.

So, I think there’s – we’re going to see a lot of things unfolding over the next couple weeks as tensions continue to mount and actions are being played out in other countries. And it’s just a matter of time, I guess, before it reaches us.

Mike Jones: Yeah. The sad thing is that Russia, their APT groups and their military units that do cyber attacks are very highly skilled. And I don’t know if we have the fortitude to stand up against that.

Charlene O’Hanlon: Well, always a ray of sunshine you are, Mike. [Laughs]

Mike Jones: Sorry.

Charlene O’Hanlon: No, that’s fine. So, what can we do, then, I mean, as citizens, as global citizens, as companies? We’ve got to be able to do something to protect ourselves and protect our infrastructure and our assets and – so, what steps can we take as those people and as those organizations to at least minimize the damage if something – when something should happen?

Mike Jones: So, you talk about preparing and what can we do as a country? I think we need to micro-reduce that to what can we do as individuals? When you see the attack on the banking infrastructure in Ukraine how many of us have some way to get cash or have a stash of cash somewhere? When you talk about preparing for something like that, it brings the thought – the whole idea of the preppers and how crazy we thought the preppers were, that there would never be a reason to do what they’re doing. Well, this is a prime example of – they’re probably the smart ones because they do have that backload of cash. They do have access to assets if something happens.

The same thing with the power grid. Do you have the proper things to keep your household going? Do you have enough food to where you could maybe last a couple days? I think those are the things that people need to think about. And I am doom and gloom but the things – I look at things that could potentially affect us as a country, and I try to warn people ahead of time, “From what I’m seeing, this is probably a good possibility.” And I haven’t been too far off. And I do it to help people, to prepare for something that could have an impact. And this is a prime example. Make sure you have access to assets. Make sure you have some form of communication that doesn’t require a landline or a conference bridge, all of those things, because if we get hit with a cyber attack, more than likely it will hit the grid, it will hit banking, and possibly food supply.

So, do what you can do to prepare your family. You have to be independent because the government has other, bigger things to worry about than each individual citizen. They’re trying to defend an entire country and keep our borders solid. But you have to think for yourself because the government is not going to do it for you.

Charlene O’Hanlon: Yeah, well, the thing that concerns me about all of that now is I just hope folks don’t make a run on the banks and completely collapse our financial system, which could happen, I mean, if there is enough of a panic about making sure that folks had money or a way to pay for things should the infrastructure go down. And same thing with the grocery stores. It’s – there’s – we’re already having supply chain issues.

Mike Jones: Right.

Charlene O’Hanlon: I mean, let’s compound a war – compound it with a war and see what happens.

Mike Jones: It’s a perfect storm.

Charlene O’Hanlon: Yeah. It really is. It really is. So, any parting thoughts? Anything else we need to consider about this situation in general and what we can do to kind of make our little corner of the world a little bit safer and better?

Mike Jones: Sure. As a corporation I would start looking and building ACLs and alerting mechanisms to look for specific IPs in Russia. If you have a chance and you don’t have a direct line of business to a Russian province, block the entire country because it’s going to come eventually. And as individuals, stay aware of the news. Don’t be one of those ones who only cares about Starbucks and Target. For once, maybe look at the geopolitical situation and think about what you would do as an individual to protect your family and to make sure that you can function on a day-to-day basis if something happens. And it may not. But the way I’m looking at it, I just – I think it’s inevitable.

Charlene O’Hanlon: Well, let’s hope you’re wrong. But I will say based on your track record at least with me you are scarily accurate, Mike. And so, I do appreciate your insight as always and your expertise. And you’ve certainly got us all thinking a lot more about these things. So, thank you very much. And thanks for making the time for me today. I do appreciate it.

Mike Jones: Anytime.

Charlene O’Hanlon: All right. Great. All right, everybody. Please stick around. We’ve got lots more Techstrong TV coming up, so stay tuned. All right.

[End of Audio]

Charlene O’Hanlon

Charlene O’Hanlon is Chief Operating Officer at Techstrong Group and Editor at Large at Techstrong Media. She is an award-winning journalist serving the technology sector for 20 years as content director, executive editor and managing editor for numerous technology-focused sites including DevOps.com, CRN, The VAR Guy, ACM Queue and Channel Partners. She is also a frequent speaker at industry events and conferences.
