A different kind of war

Putin and his cronies have recently rattled their nuclear sabres over Ukraine, in a rather pathetic effort to frighten the West into stopping their support for the latter and thus hopefully achieving some sort of Russian success in the conventional war.
Given that no Western nation has increased their nuclear alert levels it’s clear that they don’t take this threat of nuclear war seriously, and I think they’re correct (circumstances can change of course).
But there are other ways to wage war. We’ve already seen how much a part of warfare drones have become in Ukraine, a capability that has built up steadily in the last twenty years and, like planes in WWI, has gone from mere observation in the battlefront to combat and whose capabilities are sure to expand given that a $10 million tank can now be destroyed by a $300,000 drone.
But one thing that has not been considered very much is the prospect of a full-scale Cyber War. If this sounds less harmful then read this:
The event that would come to be known as “Cyber Harbor,” or “Cyber 11th,” started small. One morning, the “autopilot” mode on some Tesla cars started going haywire. First, dozens, then thousands of cars began veering into oncoming traffic all across the country. Emergency rooms were swamped with crash victims. Then, office workers in dozens of industries watched in shock as their computers began spontaneously deleting files. It took about 24 hours for officials to realize that these scattered problems were connected. The power grid was next: Blackouts began in California and soon rolled across most of the U.S. The Internet started crumbling as well. Routine communications became impossible.
It took only a few days for grocery-store shelves to go bare. Gas stations put out “No Fuel” signs. Even if supplies of food and gas were available, trucks couldn’t deliver them. The country’s banking system had collapsed; with credit cards and ATMs disabled, truckers had no way to buy diesel fuel. The backup generators powering hospitals, police stations, water-treatment plants, and other critical infrastructure eventually drained their fuel tanks and went silent.
There is also an eerie similarity to nuclear warfare in that you can’t really defend against this sort of attack either because to do so involves a degree of rebuilding our IT control networks and systems far beyond even what’s required to build a missile defence. As with nuclear warfare the best that can be hoped for is to make it clear to potential attackers that you have the same weapons and they have the same vulnerabilities.
But what if an enemy calculates that dragging the West down to its level would enable a second war, more conventional, to be won? The old nuclear First Strike scenario but without the radioactivity?
This is a recognized risk across all sorts of industries. A well-designed system has the control systems that control the electricity generation / oil processing / manufacturing separated from the corporate domains that are in turn separated from the internet. There are firewalls between the systems, set to only allow traffic one-way. They also are set to only accept traffic from specific MAC addresses. Is it perfect? No. But the systems are being continually monitored, tested and improved. The higher risk remains from disgruntled people with direct system access.
Spam
May 22, 2022 at 11:16 am
Disgruntled employees are indeed a real threat… But also the paid infiltrator or deep plant working for a national security agency….
Given the large-scale migration to NZ and other Western countries the possibility of deep plants waiting instruction should concern everyone. The NZ government is riddled with highly qualified mainland Chinese…..
Just saying…
Trevs_Elbow
May 22, 2022 at 11:37 am
Coming from the IT industry myself I wish I had as much confidence as you. Recent ransomware attacks against places like Waikato Hospital and Colonial Pipeline show the vulnerabilities, and if the numbers of such attacks remain small, that’s more likely the result of the hacking skills and tools still being quite limited in the general population.
That’s not going to be the case for a State Cyber warfare group.
Tom Hunter
May 22, 2022 at 11:37 am
Colonial Pipeline paid-up within 12 hours. What I find interesting is that from a hacker perspective, this was incredibly successful – high value target paying-up millions of dollars straight away. So why hasn’t that inspired a lot of similar actions? It probably has, but the defenses ‘held’ (I am aware of a few other examples of such attacks – periodically we get them circulated as examples to learn from).
We periodically run tests as well – send employees ‘phishing’ type emails, and see how many click the links, and how many enter their details. Too many. It tells us that despite the best training, there are still enough idiots to make cyberattacks potentially successful. So lots of other layers of security, but the best one is to limit the number of people allowed into the control domain. You can count them on one hand.
Spam
May 22, 2022 at 5:35 pm
An interesting post, there are those out there that are concerned about cyber attacks, and how to neutralise its effects, only difference is, they are not worried about a foreign power being the perpetrator.
Uncoffined
May 22, 2022 at 2:56 pm
An interesting link on the subject, in this case the US electric grid: “Yes, hackers could shut down our power grid”
I did have to laugh at this comment from the author of that article, even as they wrote about “hardening” the power networks against such attacks:
Tom Hunter
May 24, 2022 at 10:17 pm