
Analyzing The NotPetya Malware, Cloud Computing, And Cybersecurity Risks

Sarah Austin (@sarahaustin)

Author & TV host formerly: @Forbes @MTV @BravoTV & Marketing Manager: @Oracle @SAP @HP

In June 2017, a variant of the Petya malware worm, NotPetya, wreaked global havoc. Global enterprise networks from Ukraine to the shores of New Jersey’s commercial shipping depots were eviscerated.

The worm, which effectively locked companies out of their own platforms with no way back in, was allegedly developed by the Russian cyber-warfare unit known as Sandworm to target Ukraine in the two countries’ ongoing covert conflict.

However, the worm quickly spread like a plague to systems running a particular accounting software platform, condemning the affected enterprise networks to a single remedy: rebuilding from scratch.

The fallout was an estimated $10 billion in damages. In its wake, global shipping behemoth Maersk was left to reboot almost its entire network, as were companies like pharmaceutical giant Merck and FedEx subsidiary TNT Express.

And however lucky other firms may feel to have dodged such a fatal bullet, collateral effects of cyber warfare may become the new normal. 

After all, there are no geopolitical boundaries in digital space. 

The problem is that cyber warfare appears only to be gaining momentum. Fought behind computer screens, digital highways, and silicon, the conflicts are invisible but include the likes of China, the US, and Russia.

According to Dr. Chase Cunningham’s recent book on cyberwarfare, every person’s device is now part of the security perimeter of an organization or network. Pair that with the rapid growth of the IoT sector, and the picture of a landscape ripe for escalating cyber attacks comes into focus.

So how do enterprises respond? How do they avoid being the collateral victim of the next NotPetya? Quite simply, by fighting technology with technology.

One ancillary advantage is that enterprises will then be building network infrastructure that fits the rise of the edge computing paradigm.

The Phoenix for Cyberwarfare Consequences

If state-backed hacking groups are constructing devastating worms that can spread like a viral pandemic, enterprises need the ability to do two things: spin up and manage networks with speed and ease, and use encryption by default.

Spinning up networks with large volumes of endpoints quickly remains a genuine problem in enterprise and cloud computing, malware like NotPetya aside. Many systems are not compatible with the variety of new IoT and edge devices, nor can they support the expanding generation of devices needed to reach the full potential of IoT technology.

For context, Maersk, a global shipping giant and the centerpiece of Wired Magazine’s coverage of NotPetya, was still running Windows 2000 on some of its systems. Microsoft hasn’t supported Windows 2000 for years.

The costs of outdated systems, and of systems susceptible to outages and hacks, continue to rack up. IT downtime already costs businesses more than $700 million per year, according to IHS.

Those costs, in many cases, result from far less dramatic causes than cyber-warfare tools. Maybe it’s just a bad snippet of code in a Cloudflare update or an internal mistake by an IT employee.

Cloud computing needs to revamp its core infrastructure. It needs to be resilient against large-scale cyber-warfare campaigns and bring cloud computing to the level that an IoT revolution requires.

One of the most promising methods is welding together IPv6 and Segment Routing, known as SRv6.

One emerging internet startup, NOIA, describes itself as building the “Waze” of Internet traffic, enabling enterprises to rapidly spin up and manage networks through an intuitive UI.

It is already working with firms like Oracle and expects its model to become popular because of its cost, performance, and ease of management.

In the context of malware like NotPetya, should an enterprise fall victim to the collateral effects of state-sponsored malware (almost certain to happen again), the firm will need to repair its core network rapidly, and even more so if that enterprise consists of thousands of user endpoints, the pesky security perimeters detailed by Dr. Cunningham.

For example, accounts from inside Maersk during NotPetya, relayed anonymously to Wired Magazine, describe a laborious effort by thousands of employees, along with consulting giant Deloitte, to rebuild Maersk’s multinational shipping logistics operations.

NotPetya had destroyed the company’s entire set of domain servers, save for one machine in Ghana that happened to be offline at the time.

Like a phoenix, Maersk was able to rise from the ashes, but only at exorbitant cost and effort. Public, decentralized infrastructure solutions like NOIA Network would be a boon in future instances of what Maersk experienced.

Instead of waiting for the worst before upgrading their cloud computing security and Windows 2000-laden logistical hubs, enterprises would be prepared for the rapid spread of malware. Networks could be preserved on DLT’s distributed infrastructure and rapidly spun up again in the case of catastrophic losses.

But more to the point of security: encryption, along with newer developments like Zero Trust security, is the future of enterprise security.

Default Encryption 

Encryption has myriad benefits, but its primary purpose is to protect against third-party eavesdropping and black-hat threats at the same time. Cryptocurrencies, blockchains, and zero-knowledge technology have pushed encryption into a golden age, but it may be the current backdrop that gives it the extra nudge toward wider consideration by enterprises.

Whether it’s government surveillance, hacker threats, or the security concerns of companies promoting work-from-home policies, encryption is set to take a major role this decade.

Encryption by default gives enterprises peace of mind, knowing that their network traffic is protected automatically. In the context of the growth of IoT (i.e., the expanding security perimeter of a network), think about how much private data can be mined through a single vulnerability. Hacks exposing user data make headlines seemingly every day.

End-to-end encryption from the cloud infrastructure to the edge devices themselves is rapidly becoming a necessity. 

Otherwise, firms will face circumstances similar to Maersk’s, where the infected accounting software downloaded on a single computer eventually brought down the entire network.

If there’s a demonstration of how negative convexity wreaks havoc on interconnected systems, it doesn’t get much better than Maersk.

The type of intrusion seen with NotPetya is different from the typical BGP hijacks and service disruptions that NOIA Network addresses. Still, it serves as a reminder of how a single vulnerability can upend everything. Combine NOIA with concepts like Zero Trust networking, which grants no implicit trust to any user account on the network, and enterprises can make significant progress in the race toward more performant, secure infrastructure.

The premium on encryption and clever security models will only increase from here.

The initial push for better cloud computing may have been focused on the rise of IoT and how companies can cater to a changing market, but it will be security threats that force their hand. If enterprises prepare for the worst (e.g., NotPetya) first, deploying more agile, performant networks, then the benefits of being up to par on IoT requirements will follow.

NotPetya is a warning of what’s possible when malicious technology escapes its cage, so enterprises need to meet those looming threats with technological ingenuity of their own.
