Q&A with Nicole Perlroth, author of 鈥楾his Is How They Tell Me the World Ends鈥
Hackers thought to be affiliated with the Russian government infiltrated the computers of hundreds of U.S. federal agencies and companies for months without detection. Their motives are still unclear. Future attacks could be more destructive, warns New York Times cybersecurity reporter Nicole Perlroth in 鈥淭his Is How They Tell Me the World Ends: The Cyberweapons Arms Race.鈥 She spoke with Monitor correspondent Randy Dotinga.
Q:聽You visited Ukraine after Russian hackers attacked its computers. What did you learn?
They had just suffered a series of three huge attacks: Two shut off power, and one basically decimated government networks, railways, the post office, and boomeranged around the globe. [Ukraine officials] said, 鈥淟isten, this was really bad. But if this comes to the United States 鈥 and you should expect that at some point, it will 鈥 it will be much worse because you are so much more digitized than we are and therefore more vulnerable.鈥澛
Q:聽Put the threat to the U.S. in context. What are you seeing?
Over just the last five years, we鈥檝e had our power grid and elections hacked, our cities, schools, and hospitals have been held hostage via ransomware, and everyone with a government security clearance had their information stolen by China several years ago. And there are attacks that we have yet to uncover. The real worst-case scenario is that nation-states or their contractors use the access they already have to our critical infrastructure to effectively shut these systems down. It could be a long time before we get everything back up. We鈥檙e very, very close to that.
Q:聽What is keeping Russia in check?
Russia in particular hasn鈥檛 decided they have a good enough reason to do it. That might be because we鈥檙e also in their systems, and there鈥檚 a kind of growing mutually assured destruction. But I think they鈥檙e waiting for some geopolitical trigger to use their access for cyber-induced [mayhem].
Q:聽How did we get to this point?
We haven鈥檛 made cybersecurity a priority. We鈥檙e also so much more connected than we were five years ago. We continue to connect our critical infrastructure to the internet.
We need to reprioritize from offense to defense. To give you a sense of how unbalanced we are, at the National Security Agency 鈥 which has this dual mission of defending American secrets and breaking into foreign networks 鈥 the ratio of people who work on offense to defense is still 100 to 1. Fixing that imbalance would go a long way.聽
Q:聽How can the U.S. improve its response?
This latest Russian attack is a wake-up call. It was aimed at the federal government, and they鈥檒l have no choice but to get behind defense. We can鈥檛 go back to business as usual. We鈥檙e starting to see [things change] with the White House elevating a new position 鈥 deputy national security adviser for cybersecurity 鈥 and there鈥檚 also new funding.
Q:聽What can companies and individuals do to protect themselves?
It鈥檚 really important to segment your crown jewels from whatever else you鈥檙e doing. For example, hospitals have been hit with so many ransomware attacks that have wiped out patient records because someone clicked on a malicious link or they didn鈥檛 upgrade their software. That wouldn鈥檛 have happened if they had just kept their patient records on a different system from the ones administrators use day to day.
You can do that at the individual level too. That could mean that you check your email and your bank account on one browser, with two-factor authentication, then everything else you want to do on a completely different browser. It鈥檚 all about awareness and segmentation.
