Who tried to hack Hawaii’s undersea cable?
Was a recently-thwarted cyberattack on a Hawaii undersea cable the work of financially-motivated cybercriminals, government-linked hackers, or someone else? Hawaii officials are working with federal agents to determine exactly that, according to Frank Pace, the administrator of the Hawaii Office of Homeland Security.
“That’s what we’re trying to figure out,” he said, adding even their intention is unclear. “Whether it was just a known cybercriminal group that wanted to compromise individuals or executives within the organization, or to install various forms of ransomware to hold their systems hostage.”
The threat actors allegedly hacked a private company on the mainland, which had access to the underwater cable’s servers, among other credentials.
Pace spoke with Dina Temple-Raston and Sean Powers of the Click Here podcast about the thwarted hack. The interview has been edited for length and clarity, and an excerpt is available in this week’s episode of the Click Here podcast.
Click Here: This might sound odd to ask, but what does an undersea cable actually look like?
Frank Pace: So, an undersea cable really isn't that large, and it stretches over thousands of miles. The cables have several strands and the best way that I could describe it is as if you were to look at one of the larger power cables that you see over your home. Usually within those, you might notice there's actually several other cables inside of it. It's wrapped around in a very strong steel coding. It looks like that.
CH: How much data flows through these cables?
FP: They're capable of transmitting about 180,000 miles per second, at 400 gigabytes of data per second. A predominant amount of our communication goes through these cables. There’s more reliance on them with the increase of cloud computing, streaming, and both private and governmental operations being conducted on the cables.
CH: If I was a threat actor, why would the cables be a favored target?
FP: When we look at the expanding attack surface that these cables provide running throughout the world and reaching into most every government and home, they provide an opportunity for, among other things, economic espionage. There’s also an understanding of critical infrastructure systems that are connected to those cables.
CH: If this attack had been successful, what would have happened?
FP: From a cyber perspective, we really don't know because at the end of the day, if it's related to economic espionage, or trying to gain information related to Department of Defense assets, that we might not notice an impact because they don’t want us to see it.
[Was it] just a known cybercriminal group that wanted to compromise individuals or executives within the organization, or did they want to install various forms of ransomware to hold their systems hostage, that's what we're trying to figure out. There's a variety of things that could have occurred, we just don't know yet.
CH: When you heard about this attempted breach, what went through your mind?
FP: What went through my mind were what are the impacts? What do we know? What is it that we need to have further awareness of so that we could further prepare not only leaders within the state of Hawaii, but also other businesses or entities that need to better prepare themselves if we knew how that compromise occurred.
CH: Have you ever seen a similar attempt before this that got your hackles up about the cable?
FP: Here in the state, no. We have not seen something to the extent where it has been focused on an entity that is involved with the cables. We have seen more recently entities or organizations within city and county governments that have been impacted by different forms of malware or ransomware. Those incidents were not the intended or focused targets, but as a result of vulnerabilities within their systems, they were compromised. I think we're likely to see more of that in the near future.
CH: Was there any concern that the timing of this or the discovery of this had anything to do with Russia’s invasion of Ukraine?
FP: I would guess that they're still looking into that. However, from the perspective of our office, we all need to be aware of the geopolitical issues that are occurring throughout the world, but specifically related to Ukraine. CISA director Jen Easterly spoke to this not long ago that clearly what is occurring in Ukraine matters because there is the strong likelihood that any retaliation based on support for Ukrainians could be in the form of a cyberattack, or at least a disruption.