There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.
On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.
In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?
Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.
He is determined to track down whoever did it.
“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”
Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.
The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.
But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.
Learn more: A Cyberattack ‘the World Isn’t Ready For”
The Latest on: Cyberattack
- Albany spent over $300K recovering from cyberattackon September 13, 2019 at 4:46 pm
ALBANY - On Friday, officials with the city of Albany spoke about the amount spent in response to the ransomware attack that took place in March. A FOIL request submitted to the city was answered ...
- Are Patients the Next Cyberattack Targets?on September 13, 2019 at 11:32 am
When Vice President Dick Cheney received a new defibrillator in 2007, his doctor disabled the device's wireless capabilities so that it wouldn't be vulnerable to terrorist attacks. "I worried that ...
- 39% of European Businesses Admit to Being Breached by a Cyberattack But the Majority of Hacks Remain Hidden From Publicon September 12, 2019 at 4:59 am
- Almost half (46%) of successful attacks target under-trained employees - 75% of attacks never become public knowledge despite GDPR breach notification requirements - 62% believe hackers are more ...
- Regis plans to use its own cyberattack as security lesson for studentson September 11, 2019 at 9:43 pm
DENVER — Students in Regis University’s computer science department will get real-world training in the field of cybersecurity after a cyber attack that crippled the campus’ network last month. The ...
- The potential for a 'miscalculated' enemy cyberattack keeps me up at night, warns Pentagon cyber chiefon September 10, 2019 at 4:13 pm
If there is one thing that keeps the Pentagon's cyber chief from getting enough rest, it's the potential for an enemy to "miscalculate" a cyberattack, creating much more damage than intended. When ...
- Ransomware Cyberattack Strikes Montgomery County School Districton September 10, 2019 at 8:47 am
The district won't reveal the full extent of the malware infiltration. “Our priority is to remediate the disruption and encryption caused by the ransomware & to restore the district and its services ...
- Post-Mortem on First US Grid Cyberattack: ‘Update Your Routers’on September 9, 2019 at 8:23 am
A post-mortem has been released confirming and explaining the first official cyberattack on US electrical grid infrastructure, according to EENews. Surprisingly, it didn’t involve a squirrel.
- Security News This Week: An Unprecedented Cyberattack Hit US Power Utilitieson September 7, 2019 at 3:00 am
This week saw some aftershocks from recent revelations about a large-scale iOS hacking campaign. Brokers of so-called zero day exploits—the kind that companies haven't yet patched—have started ...
- Town Avoids Paying Massive $5 Million Ransom In Cyberattackon September 6, 2019 at 2:29 pm
When the city of New Bedford, Mass., was hit by a ransomware attack in July, with hackers demanding $5.3 million in Bitcoin to release the city's data, town officials tried an old law enforcement ...
- Who’ll benefit from the Regis University cyberattack? The Denver school’s cybersecurity students.on September 6, 2019 at 5:00 am
Two weeks before a “malicious threat” crippled Regis University’s information technology services — rendering the Denver campus’s phones, email and internet useless just as summer courses ended and ...
via Google News and Bing News