In May 2021, Jim Gosler, known as the Godfather and commander of US agencies’ cyber offensive capability, said, ''Either the Intelligence Community (IC) would grow and adapt, or the Internet would eat us alive.'' Mr Gosler was speaking at his retirement only several months before the terrorist attacks of 9/11. He possibly did not realise the catalyst or the tsunami that he and his tens of thousands of US IC offensive website operatives had created and commenced.

Over the last two decades, what Mr Gosler and his army of Internet keyboard warriors created would become the modus operandi for every faceless, nameless, state-sponsored or individual cybercriminal to replicate against an unwary, ill-protected, and ignorant group of executives and security professionals who knew little to nothing about the clandestine methods of infiltration and weaponisation of the Internet that the US and UK agencies led, all in the name of security.

This book covers many cyber and ransomware attacks and events, including how we have gotten to the point of massive digital utilisation, particularly during the global lockdown and COVID-19 pandemic, to online spending that will see twice the monetary amount lost to cybercrime than what is spent online.

There is little to no attribution, and with the IC themselves suffering cyberattacks, they are all blamed on being sophisticated ones, of course. We are witnessing the undermining of our entire way of life, our economies, and even our liberties. The IC has lots to answer for and unequivocally created the disastrous situation we are currently in. They currently have little to no answer. We need—no, we must demand—change. That change must start by ensuring the Internet and all connections to it are secure and no longer allow easy access and exfiltration for both the ICs and cybercriminals.

Table of Contents

Chapter 1 Stuxnet to Sunburst and Ransomware Development

Chapter 2 Not Secure, F and 0 ...

Chapter 3 Ransomware Lessons Being Learned ...

Chapter 4 Colonial Pipeline and Cl Companies

Chapter 5 CNA Ransomware Attack and Cyber Insurance

Chapter 6 BA easyJet, and the Travel Industry

Chapter 7 Destabilising the United States, Courts, Law Enforcement, and Way of Life

Chapter 8 Deterrence Theory and the Five Eyes Faux Pas

Chapter 9 Ensuring the Security of Insecurity

Chapter 10 Traditional Warfare, the Fat Man, Mistakes Made, and Lessons Still Being Learned and Ignored

Chapter 11 Survivorship Bias

Chapter 12 Air India Ransomware Faux Pas

Chapter 13 Most Common Website Vulnerabilities and Attacks

Chapter 14 The Old Lady of Threadneedle Street and the FCA

Chapter 15 MITRE CWE and Ransom Task Force

Chapter 16 Critical National Infrastructure: The Collapse of a Nation

Chapter 17 US State Attacks and the Continued Oversight of Security

Chapter 18 Conflicts of Interest

Chapter 19 Innovation and Disbelief

Chapter 20 Blackbaud, Cyberattacks, and Class Action Lawsuits

Chapter 21 The World's Largest Global Economic Shift

Chapter 22 It Is Not Setting Goals Too High, but Setting Them Too Low and Achieving Them

Chapter 23 Avoiding the Apocalypse

Chapter 24 I If a Clever Person Learns from Their Mistakes and a Wise Person Learns from the Mistakes of Others, What Is a Person Who Learns from Neither Known As?

About the Author

Andrew Jenkinson is a senior and seasoned innovative executive with over 30 years' experience as a hands-on lateral thinking CEO, coach, and leader. A 'big deal' business accelerator, and inspirational lateral thinker. Andy has crafted, created and been responsible for delivering over £100M of projects Information Classification: General

within the Cyber, Technical, Risk and Compliance markets with some of the world's largest leading organisations. Andy has a demonstrable track record of large-scale technical delivery and management within Professional Services, Managed Services and Financial Services environments. Andy has extensive experience of working at C-Level and is well known around the world for his strong business leadership, integrity, acumen, development, and change management.

Andy’s first book, published in the Autumn of 2021 and titled “Stuxnet to Sunburst, 20 years of digital exploitation and cyber warfare” is a candid, practitioners view, in layman’s terms, of how digital warfare over the last 20 years has shaped our world. It uncovers many unknown facts, and projects that the public have been totally unaware of, that is until now. Andy was one of the first, and possibly one of very few people to discover the plethora of insecure SolarWinds domains. It has since been proven that Andy’s version of the attack of an insecure sub domain being hijacked and a nefarious website being stood up, is now common knowledge as being the initial access and root cause of the initial infiltration (Sunburst). Andy’s research and paper was presented to the United States Senate Intelligence Committee overseeing the SolarWinds breach earlier this year.

Andy has just finished writing a second book on his experience and in-depth research of over 1000 companies over the last few years, all of whom have been victims of cyber and ransomware attacks. The book is titled “Ransomware and Cyberwar, the global economic shift”.

Andy has an uncanny ability to see things, and tell them in straight forward, no nonsense manner and translate them into easily digestible chunks that can be addressed and remediated. His recall, and real examples of cyber and ransomware attacks, covers why attacks occurred, and more importantly, how to prevent them. His findings have been completely supported by Hacker One confirming 96% of hackers hack websites and Statista who confirm the top three initial access points for cybercrime are servers and websites.

In 2020 Andy was featured in The Catholic News Agency article on The Vatican breach as he unravelled and assisted The Vatican by identifying 82 out of their 85 domains were insecure. Many were capturing PII data and payments. With 1.2 billion followers online, particularly during Covid-19 lockdowns, Andy may have uncovered the root cause for the world’s single largest online digital PII data breach to date.