Power outage in Beersheba (PR)
About a week ago, Israel experienced a series of power outages. Before long, rumors began to circulate on social networks and in WhatsApp groups that this was a cyberattack. The media also jumped on the bandwagon, and articles on various websites reinforced the claim that it was a cyberattack. And of course, a Sudanese attack group "claimed responsibility" for the attack on its Telegram channel. The electric company reported that it was a malfunction in one of its transformers, a message that was received with suspicion ("They don't want us to know that this is an attack").
In my opinion, we are experiencing a new-old phenomenon, in which every malfunction or unusual phenomenon in a system integrated into computers or connected to the Internet is attributed to a cyberattack.
The association of unusual events with cyberattacks is new, but the phenomenon is not new at all. Anyone who was here in the '90s remembers a similar phenomenon, with a different "culprit." At that time, The X-Files was on the air; it dealt extensively with aliens and received huge ratings. Any unexplained phenomenon that occurred on Earth was immediately labeled as "possible alien activity." Since the show went off the air, the subject has been forgotten and we rarely hear about alien activity in Israel or around the world. Most of the "alien" incidents that are reported receive satisfactory scientific explanations, and hardly anyone takes such reports seriously anymore.
So why do we act the same way when it comes to "cyberattacks"?
Someone will call Mulder and Scully (Photo: AP)
Let's start with the sad fact that we hear about cyberattacks that take down websites, harm organizations, steal money from innocent citizens, and shut down hospitals and airports. Cyber is in the headlines and it's here, real and painful. From a marginal subject that interested only technology geeks, it has become mainstream, and the media has adopted it and begun to cover the subject extensively. Of course, popular culture is not blind to the popularity of cyber and hackers: dozens of books, movies, computer games and TV shows (Mr. Robot, The Matrix) have been produced in the last 20 years, and they have made everyone know and understand that there is a real threat here. And after it was reported that the Iranian nuclear program was attacked and delayed by a cyberattack (Stuxnet, attributed to Israel), it is already clear that cyberattacks can harm not only websites and databases, but also critical systems whose compromise can cause great damage to the environment and cost lives.
If this is the case, it is only natural that any unexplained incident, malfunction or downtime will be attributed to cyberattacks. The reality, as always, is more complex. As in the case of the power outage that was not the result of a cyberattack, there are a number of known attacks from around the world that were initially attributed to hackers and in the end turned out to be nothing more than "just" malfunctions.
One of the most serious cyberattacks of recent years was the alleged breach of the drinking water management system of the town of Oldsmar, Florida, during which sodium hydroxide values in the water were changed to a level that could endanger public health. The initial investigation pointed to serious failures in the information security of the system, which was completely compromised and allowed attackers to remotely access and change values in the system.
However, after two years of investigation, the FBI recently admitted that there was no evidence to suggest outside access to the systems. It is very possible that the employee who reported the "hack" was the one who accidentally changed the values in the system, and it is even possible that he reported the hack in order to deflect the blame from himself.

Another, more recent case occurred last January. The information systems of the US Federal Aviation Administration, the FAA, suffered a malfunction that was immediately attributed to a cyberattack. As a result of this malfunction, more than 8,000 flights were cancelled or rescheduled. The U.S. Transportation Secretary tweeted that all avenues of investigation were being pursued, including that of a Russian cyberattack. The investigation of the incident found the cause of the malfunction (a damaged file) but found no evidence of remote hacking.
Outdated systems have flaws, just get it. Power outage at the cable car in Haifa, last December (Photo: official website, Yuval Barak, spokesman for the Haifa station)
Yotam Gutman (Photo: Sentinel One)
What do we learn from these events? First of all, not every malfunction is the result of a cyberattack. Information systems sometimes fail, usually due to poor planning or operator error. Second, many of the systems that suffer from malfunctions are controlled by outdated control systems (such as industrial control systems using the outdated SCADA protocol). It is very difficult to update such systems, and until they are replaced by newer systems they are likely to suffer from many malfunctions. Third, most physical systems today are integrated with control components and connected to the Internet. For all the benefits, this makes them more vulnerable to both mishaps and attacks. Finally, it must be said that these incidents illustrate exactly the power of a real cyberattack and the damage it can cause.
Russian cyberattacks on power generation and supply systems in Ukraine have caused widespread power outages, an Iranian cyberattack on a dam in New York State could have caused flooding, and much more. We would do well to understand the harsh significance of a devastating cyberattack while at the same time treating unconfirmed reports of attacks with suspicion. It should also be taken into account that the world has changed and that entities and companies are now obligated to report cyberattacks to regulators, stock exchanges and the public, so that if such an attack really happens, chances are that they will not be able to "sweep it under the carpet" and that we will receive a verified report from an official source, rather than a message from WhatsApp group members.
The writer is the marketing manager of the cyber company SentinelOne