Sure feels like we are beyond the testing fence stage, someone's just toying with us now. Water systems, pipelines, food processing, retail......just need finance, mass transportation and more infrastructure and we are......wait, it's here.
One of our large packaging suppliers got hacked earlier this year, lots of ripple effects that I am dealing with now and consumers feel at the counter.
Joe, what's your intelligence and spidey-sense saying?
Even if we don't get crippled federally, this will lead to more government oversight as our small, rural infrastructure providers are not prepared to deal with these types of issues. It'll allow Big Gov to slowly infiltrate our local Co-ops and private utility providers.
Sad part of this whole thing, the utilities haven’t kept up with the security for their systems. They look too big brother too bail them out. And then we complain about big government coming in and dictating what too do.
Basically what is happening is these groups are global but mostly contained in countries where bribes are quite common. They hide behind many layers of security and operate as a business. I'm talking about a full-fledged corporation where it's all about profit sharing. They offer a bounty for information. So people go out and find security vulnerabilities at companies and covertly breach the IT environment. They poke around a bit and see how far inside the environment they can get and if they can stay undetected. Then they go to these larger groups and say "hey, I got in and I can get to all of these places" I'll give you the info for 10% of the return. They then job shop the target. Once one of the bad actor groups purchases it they enter the network and start creeping around. They make sure to get ahold of things like privileged accounts etc. They install the software in the background that is waiting for a command from them to unleash the payload. The more they can compromise the more they can demand. So once they are sure they have all they can, or they feel like they've been discovered they send the command signal. The machines instantly start to encrypt themselves. Meaning they can't be unencrypted without the key, that only the bad actors have. So they ransom everything. Sometimes it's tens of millions of dollars. Sometimes a few hundred thousand. Depends on the companies ability to pay and how much they managed to encrypt. Ransoms are always demanded in untraceable cryptocurrency. Most businesses have cybersecurity insurance.
Before the pandemic healthcare companies were getting hammered with ransomware. But believe it or not, there is a kind of honor amongst thieves and during the pandemic, they started targeting other forms of business. They traditionally stay away from major utilities and subsidies like power, water, food etc. That's because while hitting private businesses with insurance will raise the government eyebrow, hitting national subsidies like food will likely result in CIA involvement and a bullet in your dome regardless of what country you're in.
The pipeline hack was a complete fuckup. The original person got in and sold it to the ransomware group who did their thing. It wasn't until after they executed the payload did they know what they had. They immediately settled for half of the ransom and disappeared. Completely disbanded a group that had made a few hundred million in the last few years doing this. They ran scared. Unfortunately, the pipeline company paid immediately and doesn't even try to recover by themselves. I'm sure another less concerned group noticed this and decided to hit the meat industry.