By Jim Tiller, Vice President, Security Professional Services, North America, BT Global Services
You can’t pick up a paper, read a news article or scan a blog without something about cyberwar in there somewhere. Moreover, there are a number of books surfacing and, conservatively speaking, a great deal of activity in the government sector concerning cyberwar. While I’m working on a series of posts on this topic, I thought we should first try to define it.
In short, cyberwar is the use of technology to render some form of harm against an enemy. Suffice it to say that we’re not talking about your typical hacker trying to steal credit card numbers.
Cyberwar is technically more of a statement of condition as opposed to a specific act, such as a battle or attack. The term encompasses all the different forms of attacks, defenses and counter attacks that occur in the digital domain over time. You hear some in the government make statements such as, “we’re in a cyberwar,” referring to the vast number of attacks against government and private networks and systems from distant entities. These forms of attacks are on the rise, and the United States is clearly making the necessary political and military adjustments to address such threats (more on this in future posts).
On the other hand, you hear a more accurate representation of a cyberwar as a future condition where cyberattacks will have devastating results that are analogous to what we would see in conventional warfare. In many cases, experts will refer to situations where an attacking force would use “cyber weapons” to bring down the power grid, financial systems, communication networks and the like (e.g., critical infrastructure), rendering them unusable.
In this future, the difference between a cyberattack and a traditional attack is that the physical infrastructure remains generally intact. For example, a bomb blowing up a critical power station clearly hinders the ability to distribute electricity until it is rebuilt, consuming time and resources. Conversely, a cyberattack will render the deeply integrated computing systems temporarily useless, also hindering the ability to distribute electricity. Although the physical asset is unaffected in this scenario, the end result is very similar to a physical attack – electricity cannot be delivered to homes, businesses and other utilities for a period of time.
Of course, we have to acknowledge that a well-formed cyberattack can make computers perform dangerous acts that can manifest themselves as physical destruction. An example would be opening waste gates on a sewer system to dump raw sewage into the environment; or redirecting trains, placing them on a collision course; or channeling electricity in a manner that overloads systems, such as lines and transformers, causing them to explode or become completely inoperable; or disrupting air and ground controls, greatly increasing the potential for a devastating accident.
The list is very long. Think of all the computer controlled elements in our lives and about how the “logic” of their control could be manipulated to cause physical damage.
More importantly, we have to understand the condition and sensitivity of today’s major countries. During World War 2, it took a bomb to destroy an asset — such as a train, manufacturing plant, airfield, roads and bridges — to disrupt the stability of the enemy. However, today there is far more sensitivity to disruption.
Let’s go back to the power station attack example. If power was lost for an extended period of time, say two weeks, in key locations, such as New York, Chicago, San Francisco, Dallas, Atlanta, Boston, and the like, the United States would be brought to its knees. Financial systems would strain to a point of failure, emergency services would rapidly become overloaded, products couldn’t be delivered, trains wouldn’t run, hospitals would be overrun, impassable traffic would form and people – many of them – would die. Imagine if this occurred in the middle of winter or even summer – it would be a catastrophe. Therefore, a cyberattack against the power grid doesn’t have to physically destroy the power grid to cause massive damage and disruption because there is very little resilience in how our society functions. One critical aspect goes missing for a short period and the entire fabric begins to come apart.
This concept was demonstrated in the recent Icelandic volcano eruption that virtually halted all air traffic between the United States and Europe for weeks. This cost airlines millions, disrupted the travel plans of hundreds of thousands of people, and stopped the delivery of perishable resources, such as donated organs. The total cost in money and lives will never truly be known. Therefore, an attack against something like the power grid can cause mass disruption well beyond the targeted environment.
In the coming weeks, I will continue this series on cyberwar by writing about the “weaponization” of cyberspace and the cyber cold war. And then I will elaborate on the future “theater of war,” setting the foundation for sharing views of what World War 3 could look like.
