Cybersecurity firm FireEye has warned Americans that they’ll be targeted by the next big cyberattack, whether they know it or not. Disrupted supply chains and the chaos of cellular and internet networks crashing will follow.
“The next conflict where the gloves come off in cyber, the American citizen will be dragged into it, whether they want to be or not. Period,” FireEye CEO Kevin Mandia told Axios on HBO on Sunday.
“People don’t even know all the things they depend on. All of a sudden the supply chain starts getting disrupted because computers don’t work,” he continued, threatening viewers with his description of a rapid, uncontrollable descent into chaos.
Implying that anything less than total 360-degree protection was worthless, he added that “Blocking 99.99999999 percent of all the attacks means you’re gonna get compromised everywhere.”
If you can be hacked, you are hacked.
“There is no actual end to cybersecurity. You have to pursue it every day,” Mandia stated in what sounded like a very expensive pitch for his company’s services.
An absence of clear-cut “rules” or justification for when and how to retaliate given the near-impossibility of determining responsibility for even a simple hack – let alone the sprawling map of SolarWinds – would only encourage attackers to continue their work, Mandia warned, suggesting that attackers would merely up the ante. Hackers’ continued attacks would “leave us shocked but not surprised,” he said, even while suggesting that the US’ rivals in cyberspace would never agree to “rules on espionage” and that it would be all but fruitless to try.
FireEye was the first company to publicly expose the SolarWinds hack back in January, which saw as many as 18,000 customers of the network management company compromised through the implementation of digital backdoors in their networks. However, 30 percent of the hack victims weren’t running SolarWinds at all, instead using programs with similar vulnerabilities such as Microsoft’s cloud computing software. The attack is believed to have started in September 2019, and it’s not clear how it avoided notice for so long. Cybersecurity experts have deemed it one of the worst breaches on record, though details as to what exactly (if anything) was taken or otherwise altered remain hazy.
While US intelligence agencies claimed the SolarWinds hack was “likely Russian in origin,” the joint statement they issued in January failed to supply any proof to back that suggestion. The attack has spooked software companies who rely on a chain of software suppliers upstream to construct the framework upon which their own software runs, leaving a crisis of trust in its wake even as end-users remain blissfully unaware of the catastrophe.
Meanwhile, the World Economic Forum CEO Klaus Schwab warned in November that a new “cyber-pandemic” could dwarf the Covid-19 outbreak in terms of damage done. Such an attack could “bring a complete halt to the power supply, transportation, hospital services, our society as a whole,” Schwab announced in a video address, urging governments to “use the Covid-19 crisis as a timely opportunity to reflect on the lessons the cybersecurity community can draw and improve our unpreparedness for a potential cyber-pandemic.”
The WEF is collaborating with major financial corporations like Visa and Sberbank, tech giants like IBM and Mobile Telesystems, and even Interpol to practice “mitigating a targeted supply chain attack on a corporate ecosystem” in July. WEF simulations have an uncanny tendency to mirror subsequent world disasters, as participants in November 2019’s Event 201 – which simulated a devastating coronavirus pandemic – may recall.