There are concerns that the world has only experienced a very small level of the true threat posed by cyber-attacks. With both state and non-state actors becoming more adept at carrying out attacks in the cyber realm, the threat to global security and economy will continue to grow. This raises the possibility that cyber-attacks could spark an actual conflict outside of the cyber sphere.
In just the first six months of this year, the severity of the attacks reached a new high.
Florida Water – In February, a plant operator noticed how the cursor of his computer started moving across the screen and opened software functions that controlled the water treatment process. The hacker was able to boost the level of sodium hydroxide pumped into the water by 100 times its normal level before the attack was thwarted.
Colonial Pipeline – The cyber-attack directly impacted the fuel supply for the East Coast of the United States. The chaos, fuel shortages and price spikes were a consequence of a leaked password to an old account with access to the VPN used to access the company’s server. Colonial paid a ransom in Bitcoin although much of that was reportedly recovered.
Microsoft Exchange – A Chinese cyber espionage group uncovered and exploited four newly discovered vulnerabilities in the email software, putting at risk millions of organizations and government agencies across the globe. Microsoft worked to revert the damages caused by releasing an update to the system and providing mitigation guidance. The issue caused most email exchanges to be offline or degraded for several days.
The foregoing is just the tip of the iceberg. Hundreds of lesser known (or now forgotten) attacks have occurred such as Marriot International in 2020 which revealed the personal information of some 5.2 million hotel guests including name, mailing address, email address, phone number, employer, gender and date of birth.
The cost of cybercrime goes far beyond the actual money invested in detecting, responding and recovering an organisation from an attack and the situation has been getting worse. In 2015, the World Economic Forum estimated the global cost of cybercrime to be $3 trillion. That figure is forecast to reach a whopping $10.5 trillion by 2025.
The use of cyberweapons against military industrial systems was reinforced with destructive effect in 2010 by the most (in)famous computer virus of them all: Stuxnet.
Stuxnet was a complex, multifaceted malware that disabled uranium-enrichment centrifuges in Iran, slowing down the country’s nuclear program. Back then, nothing could match Stuxnet for complexity or sheer cunning — the worm was able to spread imperceptibly through USB flash drives, penetrating computers that were not connected to the Internet or a local network.
Hundreds of thousands of computers were infected yet the worm manifested itself only on computers operated by Siemens programmable controllers and software. On landing on such a machine, it reprogrammed these controllers. Then, by setting the rotational speed of the uranium-enrichment centrifuges too high, it physically destroyed them.
Whilst many in the West cheered Stuxnet, it reinforces the question of whether by accident or design a cyber-attack may result in a devastating outcome. The Florida Water attack is a case in point. Fortunately, the operator noticed the moving cursor on his computer and responded quickly. Florida Water advised they have overlapping systems that would have prevented the contaminated water from being released to the public however this incident was a classic example of a cyber-attack with potentially serious consequences.
Recently, US President Joe Biden said that war in the future could be sparked by actions in cyberspace. This is a somewhat ironic observation by the US President as Stuxnet was a product of US and Israeli collaboration and he was Vice President during part of its development and at its release, but I digress.
For the last several years many have speculated that numerous ‘Trojan Horse’ programs lie idle in the computer operating systems of government departments and various utilities around the world waiting to be activated. An investigation confirmed the malicious script in the Florida Water system had been in place for at least two months before activation, for example. Could a single cyber-attack initiate a tit-for-tat response leading to a military confrontation?
Stuxnet, for all its brilliance over a decade ago, ushered in a new era of cyber-attack and a malicious action by any number of governments could initiate a dangerous escalation.