Kronos. Ransomware. Private clouds. And now, the utility “Log4j” and its security flaw.
Few of these things resonate with anyone outside information technology offices, but everyone should pay attention to them because they signify a broad-based vulnerability in security.
Specifically, people should pay attention to the files and links they are invited to open in emails, which is often where the ransomware program gets its entry into computer systems. And this security risk will only intensify as crucial public services become increasingly linked to networks that are open to thieves determined to break in.
Of course, the recent cyberattack on Kronos, a workforce-management contractor, raised the most worry because the disruption already has exposed personal information in one case and interfered with scheduled service in another. The hack of Kronos, a Massachusetts-based private company that provides its services on the internet “cloud,” was widespread.
The latest series of headaches began last week when Oahu Transit Services systems were disabled in the hack, affecting online services for TheBus, TheHandi-Van, TheBus app and its Holo smart-card system. The buses were able to run on their normal routes and schedules, but fulfillment of Handi-Van reservations was disrupted, a real problem for its senior and disabled passengers.
The Honolulu Board of Water Supply and the city Emergency Medical Services took hits to their time-keeping services for employees, affecting the tracking of their hours and pay.
The private sector wasn’t spared. The entire workforce of 8,000 employees at The Queen’s Health Systems may have had their names, addresses and phone numbers exposed, on top of the loss of their work time and leave requests.
There’s been a drip-drip-drip of bad news about cybersecurity, and not only in Hawaii. Wednesday’s development was a national story, a vulnerability in a widely used piece of software called Log4j. It enables tracking of activity and data for various purposes. Log4j is used by companies from Apple to Amazon; it figures in the operation of popular apps, websites and devices.
Hackers have had a head start to exploit its security flaw. Microsoft Threat Intelligence Center is one source reporting such activity from state-backed actors in China, Iran, North Korea and Turkey.
The flaw allows the attacker to gain initial access to networks and sell it, according to the Microsoft report. The buyers are affiliates that then use the opening to distribute ransomware: This is a program that blocks a computer system’s users from accessing their data until a payment is extracted from them.
Some critical systems already have been prey to such activity. In May, the Colonial Pipeline, a major element of oil transport to the eastern U.S., was targeted in such a ransomware attack. The hackers who took credit for the crime issued a statement in which they confirmed the goal was making money, not upheaving society.
Well, of course it was. That’s why they hit infrastructure that is so crucial.
This is the nature of grand larceny in the information age.
And Hawaii, regardless of its remote location, is not immune from such criminal gangs. TheBus and Handi-Van could be just the start. Imagine the leverage they would hold if, for example, they could gain control of a computerized, driverless rail system.
This may seem an unlikely threat, but it should prompt businesses and agencies to sharpen cybersecurity protocols, regardless.
And users: Don’t click on links or open attachments from unconfirmed sources, for starters. The security you save could be your own.
