In recent years, state-sponsored hackers have attacked computer systems worldwide, including the cash and banking infrastructure. A Carnegie Endowment timeline of cyberattacks on financial infrastructure includes 13 cyber-incidents targeting ATMs between 2007 and 2021, 7 with nonstate actors (since 2008) and six events with state-sponsored actors (since 2013).
On January 16, amid tensions between Russia and the West on Ukraine, a cyberattack crippled Ukrainian computer systems. Computers showed the message “Be afraid and expect the worst” and demanded a ransom payment.
Dmitri Alperovitch, co-founder and former chief technology officer of cybersecurity firm CrowdStrike, aptly describes the threat in Foreign Affairs:
Russia could conduct psychological operations to sow confusion and doubt among the Ukrainian population, thereby eroding the public’s will to resist Russian aggression. Moscow could launch a cyberattack against Kyiv’s power grid, for instance, leaving millions of people without heat or electricity in the dead of Ukraine’s brutally cold winter. Or it could attack Ukraine’s financial system and make it difficult for civilians to buy groceries with a credit card or withdraw cash from an ATM.
Russia is not alone in developing cyberweapons and engaging in cyberattacks. For years, several countries, including North Korea, Iran, China, Israel, and the United States, have expanded their cyberwarfare capabilities, probing each other’s vulnerabilities.
Experts believe Israel and the United States developed the Stuxnet virus that destroyed Iran’s uranium centrifuge in 2010, although neither took credit for the attack. According to Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, by Andy Greenberg, had the Stuxnet virus failed, a more powerful cyberweapon called Nitro Zeus would have targeted the Iranian power grid, communications systems, and air defences.
In her review of Sandworm, Sue Halpern aptly describes how a cyberattack targeting critical infrastructure might cause devastating damage:
Had it been deployed, Nitro Zeus could have crippled the entire country with a cascading series of catastrophes: hospitals could not have been able to function, banks could have been shuttered and ATMs could have ceased to work, transportation could have come to a standstill. Without money, people might not have been able to buy food. Without a functioning supply chain, there would have been no food to buy. The many disaster scenarios that could have followed are not hard to imagine and can be summed up in just a few words: people would have died.
In August 2021, experts tasked by the United Nations advised member-states to secure the information and communications technology in critical infrastructure sectors such as “health care, […] energy, power generation, water and sanitation, education, commercial and financial services, transportation, telecommunications, and electoral processes.”
In 2007, after officials in Tallinn relocated a memorial to the Soviet Red Army, a cyberattack crippled Estonia’s business and government computer systems for 22 days. Attackers shut down the network of Hansabank, Estonia’s biggest bank, causing losses of $1 million. The BBC reported that “cash machines and online banking services were sporadically out of action.” Estonian officers suspected Russia was behind the attack but could not identify the culprits.
“If let’s say an airport or bank or state infrastructure is attacked by a missile it’s clear war, but if the same result is done by computers, then what do you call it? Is it a state of war? Those questions must be addressed,” said Madis Mikko, a spokesman at the Estonian Defense Ministry.
On June 27, 2017, hackers attacked Ukrainian computer systems with the malware NotPetya, in what Wired magazine called “the most devastating cyberattack in history.” The cyberattack targeted the popular and mandatory M.E.Doc tax preparation software, crippling private and state-run computer networks with a fake ransomware attack a day before a holiday celebrating Ukraine’s constitution.
The attack caused widespread collateral damage worldwide, hitting companies such as a FedEx subsidiary, the pharmaceutical company Merck, and the Danish container-shipping company A.P. Moller-Maersk, among others.
“If I had to guess, I would think this was done to send a political message […] You don’t hit the day before Constitution Day for no reason,” said Craig Williams, senior technical researcher at the Talos security division of Cisco, a computer networking firm.
The NotPetya attack hit government agencies, telecommunication companies, public utilities, and more than 22 banks, including the country’s central bank. NotPetya targeted banks’ servers and workstations, ATM control systems, SWIFT transfers, payment gateways and card processors.
According to experts, Russian-backed hackers might be using fake ransomware attacks to hide their true intentions: destroying data or crippling computer systems managing critical infrastructure.