There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.
On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.
In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?
Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.
He is determined to track down whoever did it.
“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”
Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.
The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.
But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.
Learn more: A Cyberattack ‘the World Isn’t Ready For”
The Latest on: Cyberattack
- Cybersecurity best practices – how should companies respond to a cyberattack?on August 1, 2022 at 5:50 am
This was followed by military and government agencies, which experienced 1,136 weekly incidents for a 47% rise, and communications companies reported 1,079 attacks per organization every week, ...
- A Cyberattack Illuminates the Shaky State of Student Privacyon July 31, 2022 at 2:00 am
At a moment when education technology firms are stockpiling sensitive information on millions of school children, safeguards for student data have broken down.
- Cedar Rapids schools cyberattack questions remain unansweredon July 30, 2022 at 5:00 am
It’s been more than three weeks since the Cedar Rapids Community School District was hit by a cyberattack that allowed ...
- Playing the wrong note? Toronto Symphony Orchestra hit by cyberattackon July 29, 2022 at 11:20 pm
Customers of the Toronto Symphony Orchestra learn that their personal details could be exposed via a ransomware incident.
- U.S. federal court system cyberattack is worse than previously thoughton July 29, 2022 at 9:47 am
A cyberattack incident that involved the U.S. federal court system infrastructure has been proven to be an incredibly significant and sophisticated attack.
- Congress Wants Answers on a ‘Significant’ Cyberattack on Courtson July 28, 2022 at 6:53 pm
Three hostile foreign actors breached the federal courts document management system via “an incredibly significant and sophisticated” cyberattack more than 18 months ago, the chairman of the House ...
- Cybersecurity vendor Entrust tells customers data was stolen during June cyberattackon July 27, 2022 at 8:06 am
Minneapolis-based cybersecurity giant Entrust has confirmed it was hit by a cyberattack last month. Entrust, which describes itself as a global leader in identities, payments and data protection, told ...
- Entrust loses internal files in cyberattack – unknown if digital ID data includedon July 26, 2022 at 3:06 pm
Entrust says it suffered a cyberattack last month in which some of its internal files were stolen, according to president and chief executive Todd Wilkinson.
- T-Mobile agrees to settle cyberattack lawsuit for $350Mon July 23, 2022 at 12:31 pm
T-Mobile on Friday agreed to a $350 million settlement of a class-action lawsuit stemming from the 2021 cyberattack in which data relating to 76 million people was stolen.
- Iowa's unemployment website back online after cyberattackon July 19, 2022 at 5:55 am
Iowa's unemployment website is running again. It had been down for more than three weeks due to a cyberattack.The Iowa Works website handles job searches and work search activitie ...
via Google News and Bing News