The 2025 BINGO Card Part II: Cyberattacks
In Part II of my three part series, I will discuss how increased cyberattacks impacting various industries should be on your 2025 BINGO card of events.
BINGO Card Item #2 - Cyberattacks
There’s no doubt we’ve entered a period of war that will be less kinetic & more cyber-based. According to the Center for Strategic & International Studies (CSIS) these significant cyber incidents happened in November 2024 alone:
November 2024: The United Kingdom’s National Cyber Security Center found a three-fold increase in the most significant cyberattacks compared to a year ago. NCSC provided support for 430 cyberattacks, 89 of which were “nationally significant,” and listed China, Russia, Iran, and North Korea as “real and enduring threats.”
November 2024: Chinese hackers, dubbed Salt Typhoon, breached at least eight U.S. telecommunications providers, as well as telecom providers in more than twenty other countries, as part of a wide-ranging espionage and intelligence collection campaign. Researchers believe the attack began up to two years ago and still infects telecom networks. Attackers stole customer call data and law enforcement surveillance request data and compromised private communications of individuals involved in government or political activity.
November 2024: Chinese spies planted a chip in a former U.S. three-stars general’s conference name tag to track his every move during his time serving in the Indo-Pacific.
November 2024: Iranian hackers have been targeting aerospace, defense, and aviation industries in Israel, the UAE, Turkey, India, and Albania, according to Israeli reports. Hackers pose as recruiters on LinkedIn and distribute malware to victims through fake lucrative job offers to spy on targets and steal sensitive data starting in 2023. The malware and tactics are similar to those of a North Korean hacking group that targeted cryptocurrency exchange-traded funds.
November 2024: South Korean officials accused pro-Russian hackers of attacking civilian and government website, following South Korea’s decision to monitor North Korean troops in Ukraine. Several pro-Russian hacktivists have claimed the attacks, but no final attribution has been made.
Cyberattacks in the Healthcare Industry:
None of your medical information is safe. With all medical records stored electronically, hundreds of millions of patients had their data compromised.
Some of the biggest:
Change Healthcare Breach: This attack affected an estimated 100 million individuals, making it one of the largest healthcare data breaches in history. Change Healthcare has publicly acknowledged paying a ransom of $22 million to the BlackCat ransomware group in response to the February 2024 cyberattack.
Kaiser Permanente Breach: This breach compromised sensitive information of 13.4 million individuals.
Ascension Health Breach: This attack impacted 5.6 million individuals.
These are just a few examples of the major cyberattacks that impacted the U.S. healthcare system in 2024. These incidents highlight the growing threat of cyberattacks to the healthcare industry and the critical need for robust cybersecurity measures to protect patient data and ensure the continued operation of essential healthcare services. Will they invest in the measures or will they continue to follow reactionary measures? After all, it’s not their data.
According to Ciphertex, the cost of cyber theft to the U.S. economy in 2024 is projected to exceed $350 billion!
Photo Credit: Jim Watson/AFP/Getty Images
Cyberattacks in Transportation & Logistics
Port of Seattle (August 2024):
The Rhysida ransomware group attacked the Port of Seattle, impacting airport and seaport operations.
Disruptions included baggage handling, flight information displays, check-in systems, and Wi-Fi.
JAS Worldwide (August 2024):
A ransomware attack on this freight forwarder caused disruptions to service delivery, impacting customer service, billing, and shipment tracking.
Plus on March, 26, 2024 the MV Dali, a large container ship, struck the Francis Scott Key Bridge in Baltimore Maryland & the MV APL Quingdao lost propulsion near the Verrazzano-Narrows Bridge on April 9, 2024. Both ships mysteriously lost power near major bridges. Only the Francis Scott Key Bridge sustained major damage.
Cyberattacks Effecting Airlines (potentially):
December 29, 2024: A Jeju Air Boeing 737-800 crashed while landing at Muan International Airport in South Korea, killing 179 people. The cause of the crash is still under investigation, but initial reports suggest a possible failure of the landing gear to deploy.
December 29, 2024: Flight #KL1204, a Boeing 737-800, veered off the right side of runway 18 after landing at Oslo Torp Sandefjord Airport. The flight diverted there shortly after takeoff from Oslo Airport (OSL)," according to a statement issued by Royal Dutch Airlines. KLM citing a hydraulic system failure as the reason for the incident.
December 28, 2024: Air Canada Express flight 2259, a De Havilland Dash 8-400 was forced to make an emergency landing at Halifax Stanfield International Airport after experiencing a malfunction with its landing gear on Saturday night.
Although we cannot directly link cyber attacks to these crashes (yet), it is very possible to compromise aviation systems using cyberattacks.
Aircraft & air traffic control systems can potentially be taken over via cyberattacks through several means:
Compromising Flight Control Systems:
Exploiting vulnerabilities: Hackers could exploit software vulnerabilities in the aircraft's flight control systems, allowing them to manipulate flight surfaces, engines, or other critical systems.
Interfering with communication: Disrupting communication channels between the aircraft and ground control could hinder the pilot's ability to receive instructions or make necessary adjustments.
Manipulating Navigation Systems:
GPS spoofing: Hackers could transmit false GPS signals, misleading the aircraft's navigation systems and causing it to deviate from its intended course.
Inertial navigation system interference: Disrupting inertial navigation systems, which provide independent navigation data, could further confuse the aircraft's positioning.
Targeting Ground Systems:
Air traffic control systems: Compromising air traffic control systems could allow hackers to issue false commands to pilots, manipulate flight plans, or cause confusion and chaos in the airspace.
Airport systems: Disrupting airport systems, such as ground handling or baggage systems, could indirectly impact flight operations.
On December 24, 2024, American Airlines had a "technical issue" with DXC Technology, a third-party vendor that maintains the company's flight-operating systems which led to a brief ground stop of all U.S. flights, causing significant delays.
On July 19, 2024, a CrowdStrike IT outage lasting 72 hours, caused significant disruptions across various sectors. The global aviation industry was particularly hard hit, leading to widespread delays and operational challenges worldwide, affecting aviation operations in numerous regions.
Europe: Key airports in London, Paris, and Frankfurt were affected, causing a ripple effect through European airspace.
North America: Major hubs like Atlanta, New York, Los Angeles, and Chicago saw significant disruptions, affecting both domestic and international flights.
Asia-Pacific: Busy transit points such as Tokyo, Singapore, and Sydney experienced significant delays and cancellations, impacting both regional and long-haul flights.
Latin America: Airports in cities like São Paulo, Buenos Aires, and Mexico City were not spared, with many flights being delayed or canceled.
Cyberattacks in War
The dynamics of war have truly changed from boots-on-the-ground to pushing buttons on computers & using GPS/satellite technology.
2024 saw a significant increase in cyberattacks used in military operations. Here are some notable examples:
Disruption of Critical Infrastructure:
Energy Grid Attacks: Several nations experienced cyberattacks targeting their energy grids, causing power outages and disruptions to essential services.
Transportation Systems: Attacks on transportation systems, including rail and air traffic control, were observed, aiming to disrupt logistics and movement of troops and supplies.
Espionage and Intelligence Gathering:
Data Breaches: Cyberattacks were used to infiltrate government and military networks, stealing sensitive data, including intelligence reports, troop movements, and military plans.
Surveillance and Monitoring: Advanced cyber capabilities were employed to conduct surveillance on enemy communications, track troop movements, and gather intelligence.
Propaganda and Disinformation Campaigns:
Social Media Manipulation: Cyberattacks were used to spread disinformation and propaganda through social media platforms, influencing public opinion and sowing discord within target nations.
Hacking of Media Outlets: Attacks on media outlets aimed to disseminate false information and manipulate public perception of events.
Denial-of-Service Attacks:
Disrupting Communications: Denial-of-service attacks were used to disrupt critical communication networks, hindering military operations and coordination.
Interfering with Command and Control: Attacks targeted command and control systems, disrupting communication between military units and hindering effective decision-making.
In 2024, everyday objects became weapons. Pagers and scooters, once innocuous, were repurposed for deadly ends. Drone technology advanced dramatically, enabling pinpoint strikes on individual bedrooms in private homes and meeting rooms near embassies. A Ukrainian drone executed a chilling 9/11-style attack on a residential high-rise in the Russian city of Kazan, all made possible by the relentless advancement of information technology. An interesting note: Kazan hosted the 16th BRICS Summit, making the terrorist attack on this civilian city less of a military action and more of a symbolic strike against the BRICS nations.
Many modern missiles rely on satellite technology for guidance and navigation. Here are some prominent examples:
GPS-Guided Missiles:
JDAM (Joint Direct Attack Munition): This kit converts unguided bombs into precision-guided munitions by adding GPS guidance.
JSOW (Joint Stand-Off Weapon): A long-range, stand-off weapon system that uses GPS for initial guidance and inertial navigation for terminal guidance.
SDB (Small Diameter Bomb): A smaller, GPS-guided bomb designed for air-to-ground attacks.
Satellite-Based Terminal Guidance:
Some anti-ship missiles: Utilize satellite data for terminal guidance to ensure accurate strikes against moving targets at sea.
Important Considerations:
Jamming and Spoofing: Enemy forces can attempt to jam GPS signals or spoof the missile's GPS receiver, potentially disrupting the missile's guidance.
Redundancy: Many modern missiles incorporate redundant guidance systems, such as inertial navigation systems, to ensure accuracy even if satellite signals are unavailable or disrupted.
With advancements in satellite technology & Artificial Intelligence making leaps & bounds on a daily basis, there’s no doubt 2025 will be filled with more ‘nasty surprises’ as the evil coup d'état inciter, Victoria Nuland, once said.
What can my Fellow Warriors do About it?
While you may not be able to control what other companies may do with your personal information, it doesn’t mean you are defenseless. Protecting yourself from cyberattacks requires a combination of proactive measures, vigilance, and using secure tools. Here are the best practices to safeguard your personal and digital security:
1. Strengthen Passwords and Authentication - I know these are a PITA but it is a necessary task to protect your important information.
Use strong, unique passwords: Combine upper and lowercase letters, numbers, and special characters. Avoid using common words or easily guessed information.
Enable multi-factor authentication (MFA): Add an extra layer of security by requiring a second form of verification, such as a code sent to your phone or email.
2. Keep Software and Systems Updated
Regularly update your operating system, software, and apps to patch vulnerabilities. An outdated patch was responsible for the Change Healthcare fiasco.
Enable automatic updates where possible.
3. Use Antivirus, Anti-Malware Tools, & a VPN
Install reputable antivirus and anti-malware software.
Keep the software updated and run regular scans.
4. Be Cautious with Emails, Links, & QR Codes
Avoid clicking on links or downloading attachments from unknown sources.
Verify the an email or text sender's identity, especially in unexpected or suspicious emails (watch for phishing scams) and texts. No, UPS or FedEX is not holding your package at customs. No, there are are no work-from-home legitimate offers coming to your phone either.
Avoid scanning QR codes on public signs such as in parking lots. Scammers have been placing their own stickers on top of legitimate codes.
5. Secure Your Network
Use a strong password for your Wi-Fi network.
Avoid using public Wi-Fi without a Virtual Private Network (VPN).
Use a VPN to mask your location & protect your devices from attacks on public servers such as those in hotels & airports.
Set up a firewall for added protection.
6. Protect Personal Information
Limit the amount of personal information you share online, especially on social media. Posting your kids school pictures with their ages & teachers might be cute but it’s never a good idea.
Be wary of requests for sensitive information over email, phone, or text.
7. Backup Data Regularly
Create secure backups of important files and data. Have printed hardcopies in a water & fireproof safe as well as a bug-out bag.
Use encrypted storage solutions and keep backups offline or in the cloud with strong security measures.
8. Use Secure Tools and Practices
Browse using HTTPS websites to ensure encrypted communication.
Avoid saving sensitive information, like credit card details, on websites.
Use encrypted messaging apps for private conversations.
9. Monitor Your Accounts
Regularly check bank and credit accounts for unauthorized transactions.
Set up alerts for account activity to catch suspicious behavior early. Some of your credit cards or Turbo Tax customers are offered credit monitoring services free of charge.
10. Educate Yourself and Stay Informed
Stay updated on the latest cyber threats and trends.
Train yourself and your family members on recognizing scams and safe online practices.
11. Secure Devices
Lock your devices with PINs, patterns, or biometric authentication.
Disable Bluetooth and Wi-Fi when not in use to reduce exposure.
Store hard drives with important information in faraday bags to protect them from potential EMPs.
By implementing these practices, you can significantly reduce your risk of falling victim to cyberattacks.
Up next, The 2025 BINGO Card Part III - The Push for a Wider War.
Stay informed, stay vigilant, Ever Forward!