by CrownHeights.info Staff
The New York Times on Thursday profiled a Lubavitcher cybersecrurity expert who believes he found the “atomic bomb” of malware attacks that is lurking undetected, waiting to be set off to devastate computer systems around the world.
The subject of the profile is Golan Ben-Oni, a Lubavitcher cybersecurity expert from Berkeley, California, the son of secular Israeli immigrants to the United States.
After the world was shocked by the scale of a recent cyber-attack called “WannaCry,” which encrypted people’s files and demanded ransom for the keys to decrypt them, Ben-Oni is warning that what we saw was merely the tip of the iceberg, and that something far more sinister is lurking beneath the surface, waiting to blow.
Ben-Oni discovered this virus when it attacked the computer system of his company, IDT Corporation, in a way that he had never seen before. The attackers somehow knew that the company was staffed by many Orthodox Jews – himself included – and timed their attack to occur on Shabbos, when they would all be home and offline.
The malware was able to circumvent even the most sophisticated defenses, and take control of the “kernel” – the central nerve of the company’s computer system.
Ben-Oni estimates that he has spoken to 107 security experts and researchers about the attack, including the chief executives of nearly every major security company and the heads of threat intelligence at Google, Microsoft and Amazon.
With the exception of Amazon, which found that some of its customers’ computers had been scanned by the same computer that hit IDT, no one had seen any trace of the attack before Mr. Ben-Oni notified them. The New York Times confirmed Mr. Ben-Oni’s account via written summaries provided by Palo Alto Networks, Intel’s McAfee and other security firms he used and asked to investigate the attack.
“I started to get the sense that we were the canary,” he told the Times, referring to the ‘canary in the coalmine’ adage – the first warning of impending doom.
Last month, Ben-Oni personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.
Whether the global tech community takes this threat seriously enough to stop it before it snowballs into something catastrophic is something to be seen, and which he can only hope and pray for.