A series of attacks by hackers in a series of countries are leaving a trail of devastation across the internet and social media, according to a report by the US-based cyber security company FireEye.
The attacks, dubbed ‘The Grey March’, are the most damaging of the kind seen in the past decade.
“The grey march is the most significant type of cyber attack we’ve seen in our experience, and it’s certainly the most sophisticated,” FireEye cybersecurity analyst Peter Eckersley said.
“It’s a real-time threat that can affect all devices and systems on the internet, whether they’re running a browser or not.”‘
This is a serious issue’: Federal government, industry to discuss cyber security at Cybersecurity conferenceFireEye, a Washington-based cybersecurity firm, is working with US officials to identify what the grey march attacks are, and how to prevent them from happening again.
The group is working on a “cyber security roadmap”, which aims to better understand the grey marches, and recommend ways to prevent attacks in the future.
“There’s no question that these are a serious threat to our networks and the ability of organizations to operate,” Fireeye CEO Joe Gebbia told the conference.
“This is an issue that has been around for some time and we think that this is something that we need to be able to solve.”
In a statement, the US Department of Homeland Security (DHS) said it would discuss the threats to its networks with US businesses and government agencies on Tuesday.”DHS and the Department of Justice are in regular communication to share information about the grey marchers, including their specific goals, tactics and progress toward securing critical networks,” the statement said.
It said the department was also working with other government agencies to “better understand the nature and scope of the attacks and the potential impacts on the United States and its networks”.
It’s not clear how much damage the attacks have caused, but many websites have been down for hours.
The grey marcher attacks have not been successful in the US.
The White House says the attack was “an act of pure malicious intent”, and it said there was no evidence of cyber espionage.
“These attacks do not appear to have originated from China,” said a statement from the White House.
“However, there is no indication of Chinese government involvement.”
It said it had not received any specific intelligence reports suggesting China was behind the attacks.
“In addition, there has been no evidence that China or any other nation has used this type of attack in the context of a concerted effort to interfere in the presidential election,” it said.’
No evidence’ the government is behind attacksFireEye is working to establish who is behind the grey March attacks.
We believe that, to date, there are no evidence to suggest that the US government is the perpetrator, but we are not ruling out the possibility that someone else is, said Mr Eckers, who noted that the attack in 2015 was not widely reported.
“If there is an ongoing effort to use these attacks to gain access to networks, or if these attacks have been done by individuals, we can’t rule out the government as the perpetrator,” he said.
The attack in 2016 caused about $250 million in damage to US businesses, including about $300 million to the US Postal Service.
“We have had some reports of a small fraction of those losses,” Mr Ecker said.
FireEye said the attacks had not affected the vast majority of US businesses.
The department said it was still reviewing the impact of the grey Marchers attacks, but it was working to provide the public with “more clarity” on the extent of the damage and its impact.
“Our hope is that this will lead to an improved understanding of the extent to which these attacks affect the economy and society,” it added.
“Further, we hope that a better understanding of how the attacks may have impacted the overall economy will help to inform the public’s understanding of their impact.”‘
Cyber-savvy criminals’The grey March has not affected businesses as much as some of the other attacks, FireEye said.
However, the attacks could still have an impact on the economy, and affected a “significant number” of companies, the company said.
For example, the group said there were reports that a cyber-savvier criminal was responsible for the attacks, and they believed that the perpetrator had “plausibly acquired access to significant quantities of personal and financial information”.
“The vast majority” of the losses in 2016 were “minimal”, Mr Eckes said.
But the grey marching attacks were not without cost, Fireeye said.
According to FireEye, it was a “very high” number of cyber-attacks in 2016, and “it is likely that the total number of grey march attack is significantly higher”.
“While the total losses from these attacks are not as high as the 2015 grey march, they still represent significant losses to businesses and the economy,” it warned.