The Media Again Warns Of A Cyberattack. Fears Of “Jackware”

The following report is written Jason Glassberg from Yahoo Finance:

Jason Glassberg is co-founder of Casaba Security, a cybersecurity and ethical hacking firm that advises cryptocurrency businesses, traditional financial institutions, technology companies and Fortune 500s. He is a former cybersecurity executive for Ernst & Young and Lehman Brothers.

The ransomware crimewave — which has been pummeling businesses, cities, and police departments left and right for the last few years — hit a grim new milestone recently with the first high-profile attacks on U.S. critical infrastructure.

Between the attacks on Colonial Pipeline and JBS, which disrupted nearly half of the East Coast’s gasoline supply for a week and threatened 20% of the U.S. meat market, respectively, consumers are finally experiencing the first physical impacts to their daily lives from cyber attacks.

As bad as these attacks are, they could get a lot worse.

Cybercriminals are constantly evolving, and what is keeping many security professionals up at night is the growing risk of “jackware” — a new type of ransomware that could be 10 times more dangerous because instead of encrypting Windows computers and servers, Jackware hijacks the actual physical devices and machines that make modern life possible.

It’s only a matter of when we will see these attacks happen.

A Few Lines Of Code Can Disable A Machine

Malware is generally something that only affects computers, but over the last 20 years, there has been a boom in the development of tiny computers that add connectivity and “smart” features to every type of machine and device you can imagine. 

These tiny computers are known as “embedded devices,” and they now play a key role in critical infrastructure, cars, mass transit, health care, office buildings, and even the home. And just like a desktop computer, embedded devices are also vulnerable to malware. 

However, the difference between hacking a computer and hacking an embedded device is that the latter has direct physical consequences.

The reason why jackware is so dangerous is that it can shut down these embedded devices, crippling the larger physical machine. That means cyber attacks would lead to even worse disruptions in critical services and supplies than what we’ve seen thus far with ransomware while also potentially causing permanent physical damage to these systems and even putting peoples’ lives in danger.

For instance, if malware disrupts an “electronic control unit” (ECU) in a car, it could cause the brakes to malfunction or prevent the engine from starting — effectively “bricking” the car. It could break a million-dollar MRI machine. It could cause a pipeline to shut down for months or trigger a fire or explosion at an electric substation. Subways may not run. Airplanes may not be able to take off. Even buildings can be sabotaged because they rely on automation systems to operate.

Not The First We’re Hearing Of This

The alarm bells have been ringing for a long time on the cyber-sabotage threat of jackware.

The first notable incident of a physical malware attack was the 2010 disruption of Iran’s nuclear weapons program. This digital attack destroyed centrifuges and revealed the “kinetic” potential for cyber attacks.

Skip ahead to 2015, when hacking researchers for the first time hijacked the controls of a Jeep Cherokee as it drove on the highway. Later that same year and again the following winter, Russian hackers took down part of Ukraine’s electric grid through cyber warfare.

In 2016, the vulnerable state of IoT devices was widely exposed when the Mirai botnet took control of 600,000 of these devices.

One year later, in 2017, the first attack by weaponized ransomware (i.e., ransomware designed to destroy data instead of holding it for ransom) was launched against Ukraine by Russian hackers. The malware, called NotPetya, soon spread around the world, causing at least hundreds of millions of dollars in global damages as it disrupted major companies like Maersk, FedEx (FDX), hospitals, and more.

MRI and X-ray machines were widely infected by spyware in 2018 as part of a sophisticated cyber-espionage operation.

Earlier this year, Microsoft (MSFT) issued a warning about a major rise in firmware attacks on companies.

And even more alarming is the recent update to the TrickBot trojan — a popular platform for ransomware hackers. This new update allows the malware to attack a computer’s BIOS or UEFI firmware, which could be used to remotely brick that device.

Four Attack Scenarios

Just as ransomware is an equal opportunity malware that will target any company and industry, the same is also true with jackware — which could have devastating consequences.

All major industries are now heavily reliant on embedded devices, as is the consumer market, which is seeing an explosion in IoT devices for the home (IP security cameras, smart door locks, smart appliances, etc.) and health and fitness, as well as a burgeoning wearables market and “connected” cars.

While the most alarming threat we face from jackware is a cyberwar-style attack by a nation-state, which could use this malware to cause far-reaching disruptions and threaten lives, this scenario is not as likely to happen because of the geopolitical consequences. (Although we could see one-off attacks periodically from state-sponsored groups that target specific companies — similar to how Iran destroyed $40 million worth of IT equipment at Las Vegas Sands Corp. (LVS) in 2014 after its CEO criticized the regime.)

The more realistic scenario is an attack by criminal or politically motivated hacker groups, ranging from traditional ransomware-as-a-service (RaaS) hackers and other organized crime groups to hacktivists and terrorists. These groups could pull off any number of attacks on a variety of industries in the future.

Here are four scenarios that are most likely to happen in the coming years:

1. Crippling A Major Company

We’ve already seen how disruptive traditional ransomware can be, simply by encrypting front-end office IT systems. However, these attacks would pale in comparison to the damage, costs, and downtime that could be created by a jackware infection of physical processes and machinery.

These attacks would be worse because they would bring operations to a complete standstill, equipment could be permanently damaged, physical injuries could occur, and removing the malware would be more difficult than it is with a traditional IT system.

The biggest risk is to manufacturers, processing plants, electric and water utilities, oil and gas companies, and shipping.

2. The Forced Update Attack

For several years, hackers have increasingly targeted software vendors and supply chains — like SolarWinds and Magecart — as a way of hacking numerous victims by only having to breach a single company.

This tactic could also be used with jackware. If hackers breach an IoT manufacturer, they could potentially use that access to push malicious firmware updates to that company’s products. This is a threat that needs to be taken seriously, as it could have an enormous impact.

For instance, if hackers breached a car maker or dealership, they could potentially “brick” hundreds or even thousands of vehicles at one time by forcing the cars to install jackware.

Similarly, they could disrupt home thermostats, security systems, smart appliances, fitness devices — or any other consumer IoT product and wearable — by forcing those devices to install the malware.

An even greater concern, however, is that this attack could reach critical industries. The industrial Internet of Things (or IIoT), such as connected sensors, is widely used throughout many important industries, like manufacturing and energy. By disabling those devices, an attacker could cause significant disruptions.

3. Hijacking Mass Transit

Criminal hackers have already proven how easy it is for them to breach public transportation agencies.

In recent years, they’ve also used ransomware to disrupt services in Fort Worth, San Francisco, Vancouver, and other cities, and even hit Cleveland’s airport in 2019.

Hackers could use these same methods to instill even greater damage if they can infect the actual vehicle systems with jackware. All mass transit systems today — from buses to trains, subways and airplanes — rely on some level of embedded devices to manage important functions. And they will become increasingly autonomous in the years ahead. By encrypting these embedded devices, an attacker could render the vehicle inoperable.

4. Infecting Medical Devices

Since the pandemic began, hospitals have been heavily targeted with ransomware. These cyber attacks have been highly disruptive, but in most cases they haven’t interfered with actual medical treatments.

That will change with jackware.

Medical devices like MRIs, X-rays, ventilators, etc., often run on outdated software and firmware with unpatched vulnerabilities. Hospitals also frequently fail to isolate these devices from the main network, leaving them exposed to cyber attacks.

Once jackware becomes more widely available in the criminal underworld, it will be easy for hackers to breach a hospital’s main network and push jackware to life-saving medical equipment. This would bring all treatments to a standstill and put patients’ lives at risk.

A Persistent Threat

Unfortunately, cyber threats aren’t going away anytime soon.

And the problem is going to get worse before it gets better.

These attacks will continue because it is easy for hackers to find insecure companies and exploit them. The U.S. government will have a hard time stopping them because any time you eliminate one hacking group, five more are ready to take its place.

What this means for the average person is that you should start preparing for occasional disruptions in your daily life, from supplies at the grocery store to energy, water, banking services, and any connected device you rely on.

Investors also need to be wary about the effect these attacks could have on stocks, IPOs, long-term corporate values, and the cryptocurrency market.

---

AUTHOR COMMENTARY

By faith Noah, being warned of God of things not seen as yet, moved with fear, prepared an ark to the saving of his house; by the which he condemned the world, and became heir of the righteousness which is by faith.

Hebrews 11:7

[12] Wherefore let him that thinketh he standeth take heed lest he fall. [13] There hath no temptation taken you but such as is common to man: but God is faithful, who will not suffer you to be tempted above that ye are able; but will with the temptation also make a way to escape, that ye may be able to bear it. [14] Wherefore, my dearly beloved, flee from idolatry.

1 Corinthians 10:12-14

If you have read our report about the coming cyber pandemic, courtesy of Unlimited Hangout, then you already know that a massive cyber attack on the grid and infrastructure has well been in the works and will be one of the next major organized crises that will be thrust upon the willfully ignorant and drunken masses.

The Coming “Global Citizen” Test That Will Be Mandated For People To Use The Internet

You see, right now, the masses are starting to let loose and turn up. The general masses on both sides have had enough of all the rhetoric from this Covid nonsense. Whether they believe the narratives or not, they know that this thing has been habitually overhyped (which it clearly was from day one), and now they are taking what the media says with a grain of salt, realizing that the fair speeches of “out of an abundance of caution” translates to ‘making up the science as we go.’ So now, “coincidently,” Bill Gates gets divorced, Fauci’s emails were “leaked,” all the states are opening up, etc. – the masses are being set up for yet another “pandemic.”

While the masses are out partying and getting foot loose, the media is now starting to float out the fears of massive cyberattacks. But the masses do not care because of all the hype from Covid and they could care less, right now, what the media says about cyberattacks and this so-called jackware. To them, this is another “murder hornet” scare – that turned into a meme after everyone quickly realized that there was zero truth in that statement.

However, all of this is the subtle propagandizing and normalizing of these coming cyberattacks.

But if you are a regular WinePress reader, you already knew this, as we have been sounding the trumpet on for this sometime; as it not that long ago NBC floated a similar report to this one, warning of cyber-grid-attack that will fry the electronics around the country.

Jen Psaki Discusses Biden’s Executive Order To Give China Access To U.S. Power Grid

Even though the media is prepping the masses for their next crisis, on the flipside: this is a warning from the Holy Spirit as to what judgment is coming next, and he is giving a chance to prepare and “escape,” as mentioned in 1 Corinthians 10.

[10] But mine eyes are unto thee, O GOD the Lord: in thee is my trust; leave not my soul destitute. [9] Keep me from the snares which they have laid for me, and the gins of the workers of iniquity. [10] Let the wicked fall into their own nets, whilst that I withal escape.

Psalms 141:8-10

[21] My son, let not them depart from thine eyes: keep sound wisdom and discretion: [22] So shall they be life unto thy soul, and grace to thy neck. [23] Then shalt thou walk in thy way safely, and thy foot shall not stumble. [24] When thou liest down, thou shalt not be afraid: yea, thou shalt lie down, and thy sleep shall be sweet. [25] Be not afraid of sudden fear, neither of the desolation of the wicked, when it cometh. [26] For the LORD shall be thy confidence, and shall keep thy foot from being taken.

Proverbs 3:21-26

These are great promises and assurances of comfort to remember and meditate upon, HOWEVER, they are conditional. Proverbs 3:21 specifies the conditions with discretion. You must ACT upon the warnings: head knowledge, just as in the case of salvation, saves no one. Do NOT get high-minded and think to yourself, “Well, I am one of God’s children – surely he would never let me fall and suffer sore punishment.” If you think that, then that means you do not know the Bible very well (Romans 11:12-24; Galatians 6:7-9).

[10] Therefore hearken unto me, ye men of understanding: far be it from God, that he should do wickedness; and from the Almighty, that he should commit iniquity. [11] For the work of a man shall he render unto him, and cause every man to find according to his ways. [12] Yea, surely God will not do wickedly, neither will the Almighty pervert judgment.

Job 34:10-12

A prudent man foreseeth the evil, and hideth himself: but the simple pass on, and are punished.

Proverbs 22:3

You must start prepping, not just physically, but spiritually and mentally. This is just one of the coming crisis’s coming: you must also prepare for the fallout of the mass culling of the Covid vaccine recipients, a looming thermal nuclear melt up of the economy, and the ever-growing move for Agendas 2030 and Absolute Zero, quietly playing into the Vatican’s Laudato Si’.

To do a bit of self-promotion, this is why you support and pray for The WinePress. We are covering things that no other professing Christian outlet will dare touch. We are doing what we can to warn you of what is coming next.

---

[7] Who goeth a warfare any time at his own charges? who planteth a vineyard, and eateth not of the fruit thereof? or who feedeth a flock, and eateth not of the milk of the flock? [8] Say I these things as a man? or saith not the law the same also? [9] For it is written in the law of Moses, Thou shalt not muzzle the mouth of the ox that treadeth out the corn. Doth God take care for oxen? [10] Or saith he it altogether for our sakes? For our sakes, no doubt, this is written: that he that ploweth should plow in hope; and that he that thresheth in hope should be partaker of his hope. (1 Corinthians 9:7-10).

The WinePress needs your support! If God has laid it on your heart to want to contribute, please prayerfully consider donating to this ministry. If you cannot gift a monetary donation, then please donate your fervent prayers to keep this ministry going! Thank you and may God bless you.

CLICK TO DONATE