Hacker, Tailor, Soldier, Spy: Future Cyberwar

In the dead of winter, the electricity goes out. Not just in your town, but in many small towns nearby. After a few hours, power returns, but not everywhere. In some places it’s out for days. 

Hospitals struggle to keep generators running to treat hypothermia sufferers; emergency lines are jammed, preventing ambulances from being dispatched. An overwhelmed police force struggles to maintain calm. What first appeared to be an inconvenient accident is soon revealed as an act of sabotage: someone wants the power down. Someone is sowing chaos and waiting to take advantage.

This was the nightmare scenario lurking beneath the recent breathless reporting by the Washington Post that “Russian hackers had penetrated the US electric grid” via a Vermont utility. The specter of foreign invaders lurking in the nation’s infrastructure prompted a statement from Vermont Sen. Patrick J. Leahy: 

“This is beyond hackers having electronic joy rides, this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter.” Other politicians were equally heated, with Vermont Gov. Peter Shumlin calling Russian president Vladimir Putin a “thug” and saying, “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.”

Soon, though, the Post had to acknowledge that the Russians hadn’t infiltrated Vermont’s power grid after all. The computer in question, a laptop not connected to the grid, reportedly triggered an alarm when a user logged into his Yahoo email account, as millions of people do every day. Experts dismissed the false alarm.

The speed with which politicians rushed to cast blame speaks to a pervasive cultural concern about the vulnerability of interconnectedness. As more devices come online (think of the much-vaunted “Internet of Things,” encompassing cars, refrigerators, dolls, baby monitors, and more), it’s easier to imagine them becoming weaponized, used to disrupt our increasingly digital lives.

For a certain cast of mind, it’s easier to imagine that everything is connected and vulnerable, even if that’s not the case. At the same time, there are real dangers. When experts talk about the often murky concept of “cyberwar,” they’re often tempering understandable paranoia with realism. Like William Gibson’s concept of the future, cyberwar is already here, but it’s not evenly distributed, and certainly not in the fully formed way of actual war.

Take the now-familiar example of hacking the power grid. “There is no single electric grid in the United States,” said Mark Mills, a senior fellow at the Manhattan Institute. There are thousands of grids, both local distribution grids and long-haul transmission grids, and most aren’t connected to the Internet; there’s no universal switch to just turn off the power in the US. 

But Mills also argued that making grids “smarter” and more interconnected increases vulnerability to hackers. While the industry and many regulators understand that risk, there’s still a push to bring systems online: “smarter” is better. Multiple, coordinated attacks could disable multiple grids, increasing chaos and uncertainty.

Once inside the network, hackers can install backdoors to continue wreaking havoc even if they’re discovered. For a sophisticated attacker, that might mean using zero-day exploits, security holes that haven’t yet been discovered and patched. But Scott said that level of technical skill might not even be necessary. Too many small and mid-sized organisations don’t diligently update their software with security patches, he said, “and so they will have the networks completely riddled with exploits ready to go.”

The Northeast blackout of 2003, caused primarily by a software bug, knocked out power to 55 million people; nearly 100 people died, but there was no widespread panic. Scott, too, imagines a situation in which knocking out the power is a prelude to more violent tactics. And to further panic, attackers could disrupt emergency communications. “You could do that by spamming 911, making it so no legitimate calls could get through. That’s easy to do,” he said.

Still, countries continue to spend millions honing their cybersecurity capabilities, both offensive and defensive. Since 2010, NATO has run a cyber-defense exercise called Locked Shields, involving more than 550 people across 26 countries, organized from Tallinn, Estonia.

Participants can work from their home countries, carrying out attacks on a fictional country; defenders try to maintain the country’s servers, online services, and an industrial control system. 

It’s valuable preparation for a series of potentially unfortunate events; forewarned is forearmed, after all. But Singer cautions that we can be prepared for cyberwar without being paranoid about it.

Vocativ
