No Minister

A different kind of war

with 6 comments

Putin and his cronies have recently rattled their nuclear sabres over Ukraine, in a rather pathetic effort to frighten the West into stopping their support for the latter and thus hopefully achieving some sort of Russian success in the conventional war.

Given that no Western nation has increased their nuclear alert levels it’s clear that they don’t take this threat of nuclear war seriously, and I think they’re correct (circumstances can change of course).

But there are other ways to wage war. We’ve already seen how much a part of warfare drones have become in Ukraine, a capability that has built up steadily in the last twenty years and, like planes in WWI, has gone from mere observation in the battlefront to combat and whose capabilities are sure to expand given that a $10 million tank can now be destroyed by a $300,000 drone.

But one thing that has not been considered very much is the prospect of a full-scale Cyber War. If this sounds less harmless then read this:

The event that would come to be known as “Cyber Harbor,” or “Cyber 11th,” started small. One morning, the “autopilot” mode on some Tesla cars started going haywire. First, dozens, then thousands of cars began veering into oncoming traffic all across the country. Emergency rooms were swamped with crash victims. Then, office workers in dozens of industries watched in shock as their computers began spontaneously deleting files. It took about 24 hours for officials to realize that these scattered problems were connected. The power grid was next: Blackouts began in California and soon rolled across most of the U.S. The Internet started crumbling as well. Routine communications became impossible.

It took only a few days for grocery-store shelves to go bare. Gas stations put out “No Fuel” signs. Even if supplies of food and gas were available, trucks couldn’t deliver them. The country’s banking system had collapsed; with credit cards and ATMs disabled, truckers had no way to buy diesel fuel. The backup generators powering hospitals, police stations, water-treatment plants, and other critical infrastructure eventually drained their fuel tanks and went silent.

There is also an eerie similarity to nuclear warfare in that you can’t really defend against this sort of attack either because to do so involves a degree of rebuilding our IT control networks and systems far beyond even what’s required to build a missile defence. As with nuclear warfare the best that can be hoped for is to make it clear to potential attackers that you have the same weapons and they have the same vulnerabilities.

But what if an enemy calculates that dragging the West down to its level would enable a second war, more conventional, to be won? The old nuclear First Strike scenario but without the radioactivity?

Written by Tom Hunter

May 22, 2022 at 10:29 am

6 Responses

Subscribe to comments with RSS.

  1. This is a recognized risk across all sorts of industries. A well-designed system has the control systems that control the electricity generation / oil processing / manufacturing separated from the corporate domains that are in turn separated from the internet. There are firewalls between the systems, set to only allow traffic one-way. They also are set to only accept traffic from specific MAC addresses. Is it perfect? No. But the systems are being continually monitored, tested and improved. The higher risk remains from disgruntled people with direct system access.

    Spam

    May 22, 2022 at 11:16 am

    • Disgruntled employees are ineed a real threat… But also the paid infiltrator or deep plant working for a national security agency….

      Given the large scale migration to NZ snd other Western countries the possibility of deep plants waiting instruction should concern everyone. The NZ government is riddled with highly qualified mainland chinese…..

      Just saying…

      Trevs_Elbow

      May 22, 2022 at 11:37 am

    • Coming from the IT industry myself I wish I had as much confidence as you. Recent ransomeware attacks against places like Waikato Hospital and Colonial Pipeline show the vulnerabilities, and if the numbers of such attacks remain small, that’s more likely the result of the hacking skills and tools still being quite limited in the general population.

      That’s not going to be the case for a State Cyber warfare group.

      Tom Hunter

      May 22, 2022 at 11:37 am

      • Colonial Pipeline paid-up within 12 hours. What I find interesting is that from a hacker perspective, this was incredibly successful – high value target paying-up millions of dollars straight away. So why hasn’t that inspired a lot of similar actions? It probably has, but the defenses ‘held’ (I am aware of a few other examples of such attacks – periodically we get them circulated as examples to learn from).

        We periodically run tests as well – send employees ‘phising’ type emails, and see how many click the links, and how many enter their details. Too many. It tells us that despite the best training, there are still enough idiots to make cyberattacks potentially successful. so lots of other layers of security, but the best one is to limit the number of people allowed into the control domain. You can count them on one hand.

        Spam

        May 22, 2022 at 5:35 pm

  2. An interesting post, ther are those out there that are concerned about cyber attacks, and how to neutralise it’s effects, only difference is, they are not worried about a foreign power been the perpetrator.

    Uncoffined

    May 22, 2022 at 2:56 pm

  3. An interesting link on the subject, in this case the US electric grid, Yes, hackers could shut down our power grid

    Energy Secretary Jennifer Granholm (D) said on Sunday that adversaries of the U.S. have the capability of shutting down the country’s power grid.

    “Yes, they do,” she said on CNN’s “State of the Union” when asked if U.S. adversaries had such a capability.

    I did have to laugh at this comment from the author of that article, even as wrote about “hardening” the power networks against such attacks:

    But at the same time, one of the reasons we’re not getting hit with the sort of blackout attacks Granholm is talking about is that our grid is still so “dumb.” There are some areas where we’re exposed to mischief from hackers and problems have cropped up. But much of the grid still relies on functions that boil down to somebody walking into a power station and throwing a breaker or pushing a button.

    Tom Hunter

    May 24, 2022 at 10:17 pm


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: