Hacker, Tailor, Soldier, Spy: Future Cyberwar

In the dead of winter, the electricity goes out. Not just in your town, but in many small towns nearby. After a few hours, power returns, but not everywhere. In some places it’s out for days. 

Hospitals struggle to keep generators running to treat hypothermia sufferers; emergency lines are jammed, preventing ambulances from being dispatched. An overwhelmed police force struggles to maintain calm. What first appeared an inconvenient accident is soon revealed as an act of sabotage: someone wants the power down. Someone is sowing chaos and waiting to take advantage.    

This was the nightmare scenario lurking beneath the recent breathless reporting by the Washington Post that “Russian hackers had penetrated the US electric grid” via a Vermont utility. The specter of foreign invaders lurking in the nation’s infrastructure prompted a statement from Vermont Sen. Patrick J. Leahy: 

“This is beyond hackers having electronic joy rides, this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter.” Other politicians were equally heated, with Vermont Gov. Peter Shumlin calling Russian president Vladimir Putin a “thug” and saying, “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.”

Soon, though, the Post had to acknowledge that the Russians hadn’t infiltrated Vermont’s power grid after all. The computer in question, a laptop not connected to the grid, reportedly triggered an alarm when a user logged into his Yahoo email account, as millions of people do every day. Experts dismissed the false alarm.

The speed with which politicians rushed to cast blame speaks to a pervasive cultural concern about the vulnerability of interconnectedness. As more devices come online, think of the much-vaunted “Internet of Things,” encompassing cars, refrigerators, dolls, baby monitors, and more, it’s easier to imagine them becoming weaponized, used to disrupt our increasingly digital lives. 

For a certain cast of mind, it’s easier to imagine that everything is connected and vulnerable, even if that’s not the case. At the same time, there are real dangers. When experts talk about often murky concept of “cyberwar,” they’re often tempering understandable paranoia with realism. Like William Gibson’s concept of the future, cyberwar is already here, but it’s not evenly distributed, and certainly not in the fully formed way of actual war.

Take the now-familiar example of hacking the power grid. “There is no single electric grid in the United States,” said Mark Mills, a senior fellow at the Manhattan Institute. There are thousands of grids, both local distribution grids and long-haul transmission grids, and most aren’t connected to the Internet; there’s no universal switch to just turn off the power in the US. 

But Mills also argued that making grids “smarter” and more interconnected increases vulnerability to hackers. While the industry and many regulators understand that risk, there’s still a push to bring systems online, “smarter” is better. Multiple, coordinated attacks could disable multiple grids, increasing chaos and uncertainty.

Once inside the network, hackers can install backdoors to continue wreaking havoc even if they’re discovered. For a sophisticated attacker, that might mean using zero-day exploits, security holes that haven’t yet been discovered and patched. But Scott said that level of technical skill might not even be necessary. Too many small and mid-sized organisations don’t diligently update their software with security patches, he said, “and so they will have the networks completely riddled with exploits ready to go.”

The Northeast blackout of 2003, caused primarily by a software bug, knocked out power to 55 million people; nearly 100 people died, but there was no widespread panic. Scott, too, imagines a situation in which knocking out the power is a prelude to more violent tactics. And to further panic, attackers could disrupt emergency communications. “You could do that by spamming 911, making it so no legitimate calls could get through. That’s easy to do,” he said.

Still, countries continue to spend millions honing their cybersecurity capabilities, both offensive and defensive. Since 2010, NATO has run a cyber-defense exercise called Locked Shields, involving more 550 people across 26 countries, organized from Tallinn, Estonia. 

Participants can work from their home countries, carrying out attacks on a fictional country; defenders try to maintain the country’s servers, online services, and an industrial control system. 

It’s valuable preparation for a series of potentially unfortunate events; forewarned is forearmed, after all. But Singer cautions that we can be prepared for cyberwar without being paranoid about it.

Vocativ:       War In The Information Age:        Jason Bourne: Envisioning A ‘frightening’ Cyberwar:

Ukraine Blackout – The Future Of War

 

« Director's Departure Leaves A Big Hole At GCHQ
Directors Report January 2017. Cyber Security Checklist For Management (£) »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Certification Europe

Certification Europe

Certification Europe is an accredited certification body which provides ISO management system certification including ISO 27001.

Bayshore Networks

Bayshore Networks

Bayshore Networks was founded to safely and securely protect Industrial IoT (IIoT) networks, applications, machines and workers from cyber threats.

Alliance for Cyber Security

Alliance for Cyber Security

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

UnifyID

UnifyID

UnifyID is an identity platform that offers seamless security through implicit authentication.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

Cowbell Cyber

Cowbell Cyber

Cowbell Cyber™ offers continuous risk assessment, comprehensive cyber liability coverage, and continuous underwriting through an AI-powered platform.

Worldline

Worldline

Worldline IIoT solutions allow industrial companies to start their digital transformation journey with industrial level cyber security standards (IEC 62443 ready).

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Opticks Security

Opticks Security

Opticks provides fraud detection and monitoring solutions for leading brands. agencies and networks. Our relentless mission is to deliver reliable and innovative software to beat digital fraud.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.