The Hidden Threat of Centralization – NotPetya & You

What do you really need to know about computers? The British show “The IT Crowd” begins with a wonderful scene in which one of the main characters, working in an IT department, repeatedly answers the phone with, “IT – have you tried turning it off and on again?”

The funny thing is – really – that usually works. Also, that’s the extent of computer expertise for most of us. If it locks up, turn it off and on again. Talk about anything else computer-related and our eyes glaze over. We try to be polite and actually pay attention, but it’s true.

The only problem is that just turning it on and off again doesn’t always work. Not only do most computer and network problems exceed our knowledge base, which is now less than a ten-year-old’s, but there are things that can rush over the experts, too, washing them away like so many shells on the shore.

ENTER NOTPETYA. 

First, before we go further, please accept this as a cautionary example only. It is prudent to highlight NotPetya because few of us understand how interconnected and centrally supplied our little worlds are. I count myself among those who don’t understand this. This story helped open my eyes a bit. I hope it helps you.

That said, the entire story I am about to relate can be heard on Darknet Diaries, episode 54: NotPetya. 

Briefly, NotPetya was the largest cyber attack the world has ever seen. It was perpetrated by Russia on Ukraine in June 2017. Maybe you heard about it, maybe not. Regardless, it literally shut down Ukraine – the whole country. From banks to the post office to everything in between, NotPetya wreaked havoc. And it wouldn’t have been possible without the good old US government.

That’s right, two well-known exploits were used to accomplish this culmination of years of cyber-attacks by Russia on Ukraine. (An “exploit” is software that exploits a bug or vulnerability to commandeer or wreck a computer.) The first was called Mimikatz, developed by a Frenchman. The second – EternalBlue – was built by the NSA. These two exploits enabled the virus or worm to burrow into systems and networks, spreading the infection that shut them down forever. Russia inserted them into the servers of the company that managed software updates for the Ukrainian version of Quickbooks.

Everybody in the US needs tax software, right? So does everybody in Ukraine. That’s how the virus spread so quickly, shutting down entire business and government infrastructures in minutes. It came to everyone, masked as a tax software update. No longer could you get money. The bank’s computers were dead. No longer could you buy food. The grocery store couldn’t process your debit card. ATMs that still gave cash were few and far between. Turnstiles locked because access cards no longer worked. Everything shut down in the blink of an eye, confusing the populace, because everything operates by computer. As one observer noted, “Our focus suddenly was yanked from checking for Facebook status updates to just finding food.”

But it didn’t stop at the Ukrainian border.   The virus kept moving, infecting Russian companies and those elsewhere.  From Merck to Maersk, NotPetya did real damage.  Ever heard of Maersk, by the way? 

They are the largest shipping conglomerate in the world – as in real world-wide shipping.  They have ocean liners full of cargo containers running everything from medicine to food to diapers all over the world, all the time.  They also have thousands and thousands of trucks that run to and from their ports all over the world, carrying all those goods to all of us.  NotPetya didn’t care. 

Within a short time of NotPetya’s release, Maersk was hit and lost 100% – as in all – of their Windows-based computers.  This meant that every one of their ships coming into every one of their ports to load every one of their trucks all over the world was immediately frozen.  Every bit of information needed to inventory, identify, unload, load, ship everything in each of the thousands of containers on each cargo ship destined for tens of thousands of trucks the world over was gone.  Gone.  Vanished.  Unrecoverable. 

All the food, medicine, clothing needed for just-in-time inventory the world over was frozen.  Not only could it not be picked up – it couldn’t be found.  And for nine days tens of thousands of trucks sat, outside various ports across the world, lined up for miles and miles.  Nothing happened.  Nothing could because all the information necessary to identify and move all of our necessities was gone. 

Maersk handled the problem remarkably well.  It boggles my mind that it only took nine days for them to get everything moving again.  But they did – for $350 million in personnel and equipment costs that included everything from buying up supplies of stick drives directly from manufacturers to flying loads of people across the world to attack the problem 24 hours a day.

Really, they had no option. 

And we don’t either.  We completely depend on others for our money and food.  Our reserves stretch to the end of the week and to the bank’s computers.  Simply, centralization has made us vulnerable.  Centralization has crept into every aspect of our lives and successfully captured our necessities as well.  All of life has become a monoculture, as vulnerable to a computer virus as Ireland was in the 1840s to the potato blight.  Out of ten million Irish, a million starved to death and another million emigrated, 20% of the population.

Please consider what you can do to decentralize control of your necessities.  What can you do to give yourself a buffer in time and resources?
