From the power grid to the water supply to vital defense systems, most systems today are controlled by networks connected to the Internet.
This makes them uniquely vulnerable to a serious digital threat that has many worried : Cyber war.
Experts debate over what exactly to define as “warfare,” but most agree that a cyber war would include hacking attacks that aim to shut down computer networks and infrastructure.
Over the last decade, it’s become apparent that such attacks could have devastating consequences. Here are a few examples:
In 2007, amidst a dispute between Russia and Estonia over the latter’s removal of a Soviet WWII memorial, Estonian government, press, and bank websites were hit with massive Distributed Denial of Service (DDoS) attacks, effectively shutting them down for several days with a gigantic flow of traffic.
The damage was minimal, partially because other NATO nations banded together to protect Estonia from the attack, but served as an alert to the world to what a group of determined hackers could do, according to a paper in the University of South Florida’s Journal of Strategic Security.
- The same type of attack happened against Georgia during their week-long war with Russia in 2008, as reported by The Telegraph. Government websites and communications were shut down.
In 2010, a computer worm named Stuxnet temporarily knocked out Iran’s uranium-enriching centrifuges. The program was jointly developed by the United States and Israel, according to the New York Times.
And these attacks pale in comparison to potential future actions.
The U.S. has already seen some serious intrusions, such as a hack into the systems of Telvent, a company that monitors half of America’s oil pipelines, and an attack on the electrical grid that would allow hackers to easily hack it again, as reported by the Wall Street Journal. An attack on the US Office Of Personnel Management in 2015 saw millions of records stolen, including those related the personnel in the US security clearance database.
In these instances, the attacks were traced to Chinese servers, but China has denied involvement.
The consequences of such attacks could be incredibly destructive, causing region-wide blackouts, fires in electrical generators, and a halt in the economy.
To combat this, the U.S. is expanding its cyberdefense corps, which is part of the National Security Agency. Once expanded the corps will have 6,200 members.
However, critics such as former national security adviser Richard Clarke has criticized the army for only seeking to protect government targets, leaving important private company operations such as oil, water, and electricity transportation to fend for themselves.
To test the US power grid’s vulnerability, government officials partnered with the power industry to simulate a cyber attack and examine vulnerabilities. Their findings concluded :
- Information sharing between the power industry and US officials needs to improve
- Smart devices that make up parts of the grid may present cyber attack vulnerabilities
US Offensive Cyber War Capabilities
To be sure, cyber war works both ways. The US reportedly developed a detailed cyber war offensive plan for launch against Iran in case diplomatic efforts to end Iran’s nuclear program failed. However, the talks worked, and cyber attacks against military and civilian targets were never launched.