Q&A with Nicole Perlroth, author of ‘This Is How They Tell Me the World Ends’
Hackers thought to be affiliated with the Russian government infiltrated the computers of hundreds of U.S. federal agencies and companies for months without detection. Their motives are still unclear. Future attacks could be more destructive, warns New York Times cybersecurity reporter Nicole Perlroth in “This Is How They Tell Me the World Ends: The Cyberweapons Arms Race.” She spoke with Monitor correspondent Randy Dotinga.
Q: You visited Ukraine after Russian hackers attacked its computers. What did you learn?
They had just suffered a series of three huge attacks: Two shut off power, and one basically decimated government networks, railways, the post office, and boomeranged around the globe. [Ukraine officials] said, “Listen, this was really bad. But if this comes to the United States – and you should expect that at some point, it will – it will be much worse because you are so much more digitized than we are and therefore more vulnerable.”
Q: Put the threat to the U.S. in context. What are you seeing?
Over just the last five years, we’ve had our power grid and elections hacked, our cities, schools, and hospitals have been held hostage via ransomware, and everyone with a government security clearance had their information stolen by China several years ago. And there are attacks that we have yet to uncover. The real worst-case scenario is that nation-states or their contractors use the access they already have to our critical infrastructure to effectively shut these systems down. It could be a long time before we get everything back up. We’re very, very close to that.
Q: What is keeping Russia in check?
Russia in particular hasn’t decided they have a good enough reason to do it. That might be because we’re also in their systems, and there’s a kind of growing mutually assured destruction. But I think they’re waiting for some geopolitical trigger to use their access for cyber-induced [mayhem].
Q: How did we get to this point?
We haven’t made cybersecurity a priority. We’re also so much more connected than we were five years ago. We continue to connect our critical infrastructure to the internet.
We need to reprioritize from offense to defense. To give you a sense of how unbalanced we are, at the National Security Agency – which has this dual mission of defending American secrets and breaking into foreign networks – the ratio of people who work on offense to defense is still 100 to 1. Fixing that imbalance would go a long way.
Q: How can the U.S. improve its response?
This latest Russian attack is a wake-up call. It was aimed at the federal government, and they’ll have no choice but to get behind defense. We can’t go back to business as usual. We’re starting to see [things change] with the White House elevating a new position – deputy national security adviser for cybersecurity – and there’s also new funding.
Q: What can companies and individuals do to protect themselves?
It’s really important to segment your crown jewels from whatever else you’re doing. For example, hospitals have been hit with so many ransomware attacks that have wiped out patient records because someone clicked on a malicious link or they didn’t upgrade their software. That wouldn’t have happened if they had just kept their patient records on a different system from the ones administrators use day to day.
You can do that at the individual level too. That could mean that you check your email and your bank account on one browser, with two-factor authentication, then everything else you want to do on a completely different browser. It’s all about awareness and segmentation.
