This is What Modern Cyberwarfare Looks Like

The modern world is more vulnerable than ever before, now that everything is interconnected.

On the morning of June 27, 2017, trucks were arriving as usual at the shipping terminal in Elizabeth, New Jersey—a major port on Newark Bay. The scale is almost unimaginable: thousands of shipping containers were stacked there, waiting to be placed onto freighters by 200-foot-high cranes.

As many as 3,000 trucks arrive at the terminal each day. When they arrive, a scanner reads the barcodes on the containers. A gate clerk talks to the drivers, who are then given passes that tell them where to park their load so that it can be put onto a ship.

Of course, computer software controls everything. It knows what’s on each truck, where the load is going, which freighter it should go on.

But what happens if the computer goes down? Now we know. On that June morning, all the computers in the network of A.P. Moller-Maersk, a Danish shipping company, suddenly went dark and restarted, with all the data scrambled.

Without the computer, the gate clerks were clueless. They had no idea what should go where. Soon hundreds of 18-wheelers were lined up for miles, with an angry driver in every one. Police realized that something big had gone wrong and began telling the drivers to leave.

What do you do if you’re a trucker and can’t leave your container, especially since you’re scheduled to pick up another one? Some of the trucks had items that needed refrigeration, so the load couldn’t simply be put in storage someplace. Others had manufacturing parts headed overseas—parts that the manufacturers urgently needed in order to continue production.

This same situation played out at the 76 Maersk shipping terminals worldwide.

What happened? Russian military had attacked Ukraine with a computer virus. It brought down computer networks in hospitals, airports, over 20 banks, ATMs, card payment systems, and many federal agencies. People weren’t able to use their credit cards; paychecks and pensions were on hold; prescriptions went unfilled.

It was so virulent that it spread around Maersk’s worldwide network in less than a minute. It encrypted each computer’s “master boot records,” which tell a computer where to find its operating systems.

It ended up going far beyond the borders of Ukraine. Not only did it infect Maersk, but also, according to an excellent and detailed article in the September issue of Wired magazine, it affected FedEx’s European subsidiary TNT Express, French construction company Saint-Gobain, food producer Mondelez, and manufacturer Reckitt Benckiser.

The Russian hackers likely didn’t intend for the virus to go beyond Ukraine, especially since it eventually made its way back into Russia and infected Rosneft, the state oil company.

It ended up causing an estimated $10 billion in total damages.

What did Maersk do? The company convened a 200-person task force of experts in England along with about 400 Maersk employees. It began collecting backups from the previous three to seven days, with the intention of reconstructing its database.

But no backups of a key controller could be found. Without it, Maersk was toast. It called all of its offices around the world and found that a computer in a remote office in Ghana was down when the virus struck because of a power blackout. It contained the necessary controller for rebuilding Maersk’s database.

What can we learn? First, be sure to always keep your operating system up to date. Microsoft had released an update for Windows months earlier that would have protected Maersk and everyone else from the virus.

But we also learn just how vulnerable the modern world is, now that everything is so interconnected. In a flash, the world’s banking system could go dark, the power grid could be hacked so that there’s no electricity, the GPS satellites that we are utterly dependent on for location and extremely precise time could go haywire, or, heaven forbid, the internet could stop working.

In July, media outlets reported that Russian hackers had infiltrated the control rooms in U.S. power plants, which could possibly let them remotely control parts of the U.S. power grid—as they did in Ukraine in 2015 and 2016.

Fortunately, the Russian military hackers are being closely watched by the National Security Agency and other American intelligence services. We just have to hope that the guys on our side are more savvy than the ones on their side.

An extraordinary irony is that a main component of the virus that infected Maersk and other entities around the world was actually developed by the NSA. It was one of a number of hacking tools that a rogue individual within the NSA uploaded to the internet and made available to everyone for downloading.

Let’s hope the world’s leaders realize the very serious danger of cyberwarfare and move toward détente.

See column archives on JimKarpen.com.