- Americans are at risk of being dragged into cyber warfare, FireEye’s CEO told “Axios on HBO.”
- Future cyberattacks could take down connected devices, leading to disruptions in daily life.
- “It’s as simple as if you can be hacked, you are hacked,” he said.
- Visit the Business section of Insider for more stories.
Americans are at risk of being dragged into cyber attacks that would put their connected devices at risk, according to the cybersecurity executive whose company discovered the SolarWinds hack.
Kevin Mandia, the CEO of cybersecurity company FireEye, told “Axios on HBO” on Sunday that future cyber warfare between the US and China or Russia could impact regular citizens, leading to widespread disruptions to daily life.
“Apps won’t work. Appliances may not work. People don’t even know all the things they depend on,” Mandia said. “All of a sudden, the supply chain starts getting disrupted because computers don’t work.”
Mandia warned that the rules of engagement around cyberattacks are unclear, meaning that there may be nothing that’s off-limits. In a world where more devices are connected to the internet than every before, consumers could opened up to massive risk.
“It’s as simple as if you can be hacked, you are hacked,” he said.
Mandia's company, FireEye, was the first to notice the massive SolarWinds security breach last year, which FireEye discovered when its own systems were hacked.
SolarWinds, a Texas-based IT firm, was the subject of a cyberattack went undetected for months - as a result of the hack, foreign attackers were able to spy on private companies as well as government agencies, including the Treasury Department and the Department of Homeland Security.
According to SolarWinds, up to 18,000 of its customers may have been vulnerable to the attack.
Connected devices are being hacked
Mandia's warning follows a slew of cyberattacks in the last few years that have targeted consumers with connected devices. In September 2019, a Wisconsin couple said a hacker gained access to their Nest thermostat and raised the temperature to 90 degrees. The person then spoke to them and played vulgar music through the device.
Families in Houston and Chicago reported similar experiences of hackers infiltrating their cameras and thermostats.
A family in Northern California also discovered their Nest camera had been infiltrated when it began playing a message about North Korean intercontinental ballistic missiles headed toward US cities.
In December of the same year, hackers broke into a Tennessee family's Ring indoor security camera and terrorized their 8-year-old daughter.
These users were likely vulnerable to hacking because they had recycled passwords that had previously been exposed in another data breach or didn't have two-factor authentication enabled for their devices.
Attackers are taking advantage of the pandemic
While hacked connected devices like security cameras have produced some of the more frightening breaches in recent years, as Mandia highlighted, almost anything that can be hacked will be hacked.
Experts told Insider's Aaron Holmes that the pandemic has made consumers particularly vulnerable to attacks as they seek out health information.
Attackers have relied on phishing schemes to steal customer information, like sending emails posing as health officials to bait victims into clicking on links that contain malware and designing fake contact-tracing apps. Hospitals and vaccine research centers have also been targeted in cyberattacks in an attempt to exploit the pandemic.
"Criminal groups and threat actors are using COVID-19 largely as a lure in order to hook their victims and get an initial foothold into a target organization," David Emm, a security researcher at Kapersky, told Insider. "For attackers, it's the gift that keeps on giving because here are so many aspects of it that they can latch onto."