Each day, processes controlled by a series of 1’s and 0’s run in the background and impact your life in profound ways that are essential to your survival, yet very few people are aware that this is happening. The vital components that keep our nation’s infrastructure running smoothly, ensuring that the food you buy at the grocery store is delivered, water is pumped to your sink, and electricity powers your house, could all stop in a single moment.
Last October 4, Microsoft Corporation released a blog post about damaging cyber activity that they detected from a group they called “Phosphorus”. They believe this group originated from Iran and is linked to the Iranian government.
The attacks happened in a 30-day period between August and September of 2019, attacking 241 specific Microsoft customers that were associated with the U.S. presidential campaign, current and former U.S. government officials, prominent Iranians living outside Iran, and journalists covering world politics. This latest cyber-attack is just one of the many cyber attacks that our country is facing on a constant basis.
In this article, we’ll look deeply into the threats of a cyber-attack, the ongoing cyberwarfare that our country is engaged in, what the effects could be, and how we can prepare for it.
To begin our discussion, let us first talk about what cyber warfare is and why it is important for us to pay attention to these threats.
Cyberwarfare is the use of technology to attack a nation, a government, or the citizens to disrupt activities and cause harm or damage. This is basically a form of attack that doesn’t require conventional weapons to cause harm or damage. A simple laptop in the hands of a skilled hacker can already cause significant damage to a country or an individual.
But the most problematic thing about cyber warfare is identifying the real source of the attack. Yes, it can be traced to a certain group or even location, or there are even groups who might claim responsibility. But linking it to a certain government or state is hard to do. The recent attack that Microsoft revealed identified the group, but they only believe it is linked to Iran and the Iranian government. They weren’t able to provide definitive evidence that the attacks were conducted by the country or its government.
It is believed that the attack the group known as “Phosphorus” conducted was a spear-phishing attack, since they used a wide array of personal information about the people they targeted to conduct the attack. Spear-phishing, or phishing in general, is a form of cyberattack that attempts to trick its victims into sharing important and sensitive information. The attackers usually disguise themselves as a legitimate and trustworthy company, organization, or individual to carry out the attacks.
But phishing is not the only typical cyberattack that has recently impacted our country. Another is the distributed denial-of-service (DDoS) attack, which is designed to overwhelm one or more servers so that they cannot respond to legitimate requests. This type of attack caused a scare in March 2019, when a DDoS attack targeted the electrical grid operations of Salt Lake County in Utah and Los Angeles County in California, causing interruptions in the electrical system operations but not to the actual electrical delivery.
Another common cyberattack that plagues our country is the drive-by download attack, which is used to spread malware or ransomware. Hackers make use of insecure websites, apps, or operating systems to install the malicious file on the victim’s computer. The scary part about this attack is that you just need to visit the webpage that contains the malicious file and it will automatically be installed on your computer. The country has been plagued by 40 ransomware attacks so far this year, and hackers use phishing or drive-by download attacks to deliver them.
There are more common cyberattacks like the Man-in-the-Middle (MitM) attack, the password attack, SQL injection attacks, cross-site scripting (XSS) attack, eavesdropping attack, and birthday attack. Any of these cyberattacks or a combination of them has the capability to bring our country to its knees since their main purpose is to steal valuable information and to disrupt functions and operations of important government and utility facilities, as well as industries like our financial industry.
The threat of a cyberattack is real but not many people are aware of how devastating it could really be. Most are only aware of the threat of getting sensitive information and having their identity stolen, getting spied on, and having hackers gain access to their money.
Though these threats are serious, a cyberattack is actually capable of more than just stealing information and money and spying on people. Our reliance on technology in our everyday living puts us at greater risk. One article even mentioned that a cyberattack has the capacity to cause destruction that is comparable to a nuclear weapon in the devastation it would inflict.
One example of how devastating a cyberattack can be is its ability to interrupt important services or facilities. The article mentioned that in 2016, hackers successfully hacked into a U.S. treatment plant and changed the chemical mixture. As previously mentioned, electrical grid operations in Salt Lake and Los Angeles were also successfully infiltrated by hackers. Imagine if hackers were to target our important facilities and structures, like the electric power grid, water treatment systems, and the just-in-time delivery system, and cause a disruption. They could collapse our entire country if the halt affected food, water, and power. And if they also cause damage to our nuclear power plants, we could be looking at a nuclear meltdown.
A cyberattack can also do major damage to our country’s economy. In 2018, the U.S. government came out with a report that states the country lost between $57 billion and $109 billion in 2016 due to malicious cyber activity. The report also mentioned that there’s a possibility the effects of the damage from a cyberattack or cyber theft could spill over from the original target to other economically linked firms and magnify the damage to the economy. Targeting other infrastructures and facilities like the electric power grid or water treatment facility could also have an effect on the country’s economy.
Another way that a cyberattack could damage our economy is to cause it to collapse or go into a recession. A report came out in 2018 that cyberattacks could potentially cause the next financial crisis. The Depository Trust & Clearing Corp. said that cyber threats have already reached a point where they are becoming the “most important near-term threat to financial stability.” The reason for this assessment is that cyberattacks directed towards financial institutions are shifting from just monetary gains to causing disruptions in critical financial infrastructures. The report adds that a cyberattack that disrupts the operations of one or more financial companies can easily spread through the financial networks and operational connections of the entire system, threatening our nation’s financial stability. This means that hackers can do more than just steal money and financial information. They can literally plunge the country into an economic collapse if they interrupt the operations of key financial institutions.
Currently, the U.S. is actively engaged in cyber warfare with Iran. Media stories and discussions related to cyberwarfare are dominated by the attacks conducted by both the U.S. and Iran against each other. I mentioned at the beginning of the article one of the latest cyber attacks coming from Iran, while the last known attack that the U.S. conducted was in June 2019. There were also reports that the country was threatening to retaliate with a cyberattack following the attack on Saudi Arabia’s oil facilities on September 14, which was blamed on Iran. The concerning part about this is that it doesn’t seem like the tension between the two countries will die down. This means cyberattacks directed towards our country will continue.
But Iran is not the only country that the U.S. has engaged in cyber warfare: Russia and China have also been active in their attacks. The relationship between the U.S. and Russia was strained following allegations that Moscow tampered with the 2016 U.S. elections to skew the votes in favor of Trump. Since then there has been a silent conflict between the two countries that went public last June.
A report came out that the U.S. Cyber Command has adopted a more aggressive and offensive style in the conflict when it targeted a Russian electric power grid, to which Russia said they would respond. The alarming part about this is that this latest action is pushing both countries toward targeting civilian infrastructures in this continuing digital warfare between the two countries. But this cyber conflict with Russia won’t be easy, since the U.S. is late to the party. The country only really started to recognize the importance of cyber defense and the threats presented by countries like Russia, which have already prepared for this kind of warfare for decades, and that makes us more vulnerable and less prepared for a cyberattack.
China is the third country that poses a threat of a cyber attack on the U.S. There have been numerous instances where hackers believed to be from China have targeted U.S. companies and government agencies. But unlike Russia and Iran, China doesn’t just target our country, as they also conducted cyberattacks on countries like Australia, Taiwan, Vietnam, and Brunei just to name a few. China’s attack is also mostly centered on cyber espionage, as hackers are more focused on stealing data and information from developed countries.
The issue with China, though, is that last July, they announced that they are cooperating with Iran to confront our country in its “unilateralism and hegemony in the field of IT”, which Forbes translates as offensive cyber actions. This could mean that we can expect China to get more involved when it comes to our cyber warfare with Iran.
After discussing what cyber warfare is and why it’s important we also pay attention to it, it’s time to discuss the real implications of this form of attack and how we can prepare for it.
Just-In-Time Delivery System
One of the most devastating implications that a cyberattack can do to our country is to cause shortages in food, medicine, and other important items or materials. They can do this by hacking into the delicate just-in-time delivery system of our country. The system relies on a complex process that needs to function smoothly and without any hiccups in order to ensure food and other supplies are delivered to city centers.
If hackers decide to overwhelm the system with a simple DDoS or DoS attack, they could prevent certain cities in the country from receiving food, clean water, medicine, and other important supplies that rely on the just-in-time delivery system.
Infrastructures and Facilities
Another disruptive implication of a cyberattack is if important facilities and infrastructures are targeted. As I already mentioned earlier, hackers already targeted our country’s electrical grid operations and water treatment facilities. Though they were unsuccessful last time, it showed how vulnerable these infrastructures are to a cyberattack.
Should hackers succeed in infiltrating and disrupting key infrastructures like our water treatment facility, gas stations, and electrical power grid, they could shut down our country’s electricity, cause a fuel shortage, and take away our access to clean water. Worse, they could also poison our water supply and do more damage than just causing a shortage.
But the scariest ramification of a cyberattack is that hackers can also target nuclear facilities. In fact, a report from 2017 mentioned that hackers are already including nuclear facilities among the infrastructures they try to infiltrate. The attacks were trying to target people who have direct access to systems within the plant that, if damaged or compromised, could cause an uncontrolled meltdown. This could turn out disastrous for cities near power plants, should hackers succeed in taking over a nuclear power plant and cause it to have a meltdown.
Here are some additional tips that you can use to help your preparation for a cyberattack.
Cyberattacks are not new, but their threat to our country is increasing day by day. Their effects can be devastating, especially if the hackers’ intent in conducting the attack is to disrupt our way of life and collapse our country.
Though our country is doing its best to spruce up the cybersecurity that we have to lessen the vulnerability to these attacks, hackers are also resourceful in coming out with new attacks to counter the new defensive measures in place. This is why it’s still important that we are prepared for it.
As always, stay safe out there.