In today’s world, having cyberliteracy is crucial to protecting yourself from a cyberattack. Threat actors have the ability to hack virtually any device. With the right information, almost anything is vulnerable to them, from passwords to critical infrastructure.
In March 2022, the Marshall Islands — a group of volcanic islands located between Hawaii and the Philippines — experienced a distributed denial of service (DDoS) attack that crippled their telecommunications service. Even though the response was quick, the islands’ endemic lack of cyberliteracy was exposed, which could open them up to further attacks moving forward.
What is a DDoS attack
A DDoS attack is when a hacker breaks into a system and causes a large amount of traffic that overwhelms a network, thus making it inaccessible. The number of DDoS attacks have gone up over the years. Hackers use DDoS attacks less to steal information and more to express an opinion or demonstrate their “power,” as well as for political reasons. During the 2020 election, Google was hit by a DDoS attack from Chinese threat actors.
The Marshall Islands DDoS attack
Earlier this year, several lines of internet went down at the Marshall Islands, forcing the National Telecommunications Authority (NTA) to get involved and begin patching the system. After working around the clock, they were still experiencing outages across the islands.
NTA CEO Tommy Kijiner, Jr. said in RNZ (Radio New Zealand), “After several days, it became apparent that NTA systems were shutting down as the result of a large-scale DDoS attack.” He went on to say this was one of the worst cyberattacks he had witnessed on the islands in 10 years.
While it is unknown who the attacker was, Kijiner stated, “The only conclusion we arrived at is that the attack was probably related to the Russian invasion of Ukraine.”
Whenever there is armed conflict in the world, cyber warfare tends to follow. Even though the Marshall Islands are an independent entity from the United States, they have a history of experiencing similar cyberattacks, according to Kijiner. This is especially true when the U.S. is (directly or indirectly) involved in a war.
According to Kijiner, the Marshall Islands’ cybersecurity has always been of concern to the NTA, as he admits the nation’s education on cyberliteracy has been sparse and not reinforced.
In one article, he’s gone as far as saying, “If ever there was a ‘right place’ for hacking to happen, the Marshall Islands is it.”
That article also mentions that NTA users have a recurring issue of skipping security actions when online. Many of them click on any links they get in their email, which exposes a high number of users to viruses that could infect their devices and give control to an attacker. This also can contribute to a larger DDoS attack.
The lack of cyberliteracy
With proper cybersecurity training and literacy, many cyberattacks are preventable. Phishing emails are one of the easiest ways for cyber perpetrators to gain illicit access to systems. The NTA said that if the U.S. can get breached, then the Marshall Islands’ defenses would be nothing to an attacker.
While that may be true, this flawed way of thinking has likely exacerbated the problem and helps explain why these issues have existed for so long, given the previous cyberattacks the islands have experienced.
The NTA said, “We probably haven’t done enough education for customers to understand they shouldn’t click and open malicious emails.”
Unfortunately, the Marshall Islands’ problems are not unique, which is why DDoS attacks are common in the U.S. and around the globe. Training the public in cyberliteracy and fluency will be imperative to preventing future attacks.
While this incident may have been detrimental, threat actors could have taken it a step further and crippled the Marshall Islands’ critical infrastructure. This puts life and safety at risk, as well as the environment and stability amongst the population.