Since May 7, the city of Baltimore (US East Coast) is the victim of a cyber-attack. Initially, the Democrat local government of this city of 630,000 inhabitants concealed the scale of the attack and it was not until May 28, 3 weeks after the beginning of the hacking, to know details. The hackers managed to infect 10,000 local computers and encrypt them remotely: the files became unusable and the mail was blocked. Officials decided to unplug the other computers to stop (logical) dissemination, as a result the municipality no longer has access to any computer data. Concretely, this means that any payment concerning the city has become impossible (local taxes, tickets, water bills, etc., who would complain about it?); that the real estate transactions are interrupted (more boring); that the data of the CCTV cameras are inaccessible (dangerous !), etc. That's how we paralyze a city 4.0. We are far from the "smart city" ...

More breachs in Windows that open the door to cybercriminals ....

The hackers allegedly used a virus called Robin Hood and, for the broadcast, they would have used a tool named EternalBlue which was originally created by the NSA. This is not the first time that the geniuses of the American central administration are stealing a weird tool (WannaCry?) ... As the NSA would have lost the control of Eternal Blue, this tool infiltrates in the gaps of the systems of older exploitation (Windows XP or Vista, again and again)! Of course, the pirates claim money: $ 10,000? $ 100,000? More ? We do not know well.

What is the teaching of this case?

In the past 12 months, there have been 25 cyber-attacks against local American communities, including Atlanta. Attacks of this kind are multiplying and are increasingly affecting private infrastructures causing significant disorganization. Regardless of the tremendous financial costs of overhauling computer systems, what will be tomorrow when there will be, in addition, the traffic lights of the city, or the distribution of electricity, or the working of an hospital will be passed under control of criminals?

Die Hard 4 *?

We hear here and there that it is up to organizations and businesses to have modern and up-to-date systems to protect against this type of criminals. Maybe, but who will make us believe that we are equals in front of technology? The real life is not that of laboratories and clean rooms; there will always be flaws and incidents. But when we become cyber-dependent, we are exposed to no longer knowing (or being able to) operate in "degraded mode" ... an old-fashioned terminology certainly ...

* http://www.allocine.fr/video/player_gen_cmedia=18734714&cfilm=50575.html

Photo credits: Systematic & Visit USA