With both state and non-state actors becoming more adept at carrying out attacks in the cyber realm, the threat to global security and economy will continue to grow. This raises the possibility that cyber-attacks could spark an actual conflict outside of the cyber sphere. In just the first six months of this year, the severity of the attacks reached a new high.
Florida Water – In February, a plant operator noticed how the cursor of his computer started moving across the screen and opened software functions that controlled the water treatment process. The hacker was able to boost the level of sodium hydroxide pumped into the water by 100 times its normal level before the attack was thwarted.
Colonial Pipeline – The cyber-attack directly impacted the fuel supply for the East Coast of the United States. The chaos, fuel shortages and price spikes were a consequence of a leaked password to an old account with access to the VPN used to reach the company’s server. Colonial paid a ransom in Bitcoin, although much of that was reportedly recovered.
Microsoft Exchange – A Chinese cyber espionage group uncovered and exploited four newly discovered vulnerabilities in the email software, putting at risk millions of organizations and government agencies across the globe. Microsoft worked to reverse the damage by releasing an update to the system and providing mitigation guidance. The issue caused most email exchanges to be offline or degraded for several days.
Those are just the tip of the iceberg. Hundreds of lesser-known (or now forgotten) attacks have occurred, such as the Marriott International breach in 2020, which revealed the personal information of some 5.2 million hotel guests, including name, mailing address, email address, phone number, employer, gender and date of birth.
The use of cyberweapons against military industrial systems was reinforced with destructive effect in 2010 by the most (in)famous computer virus of them all: Stuxnet.
Stuxnet was a complex, multifaceted malware that disabled uranium-enrichment centrifuges in Iran, slowing down the country’s nuclear program. Back then, nothing could match Stuxnet for complexity or sheer cunning — the worm was able to spread imperceptibly through USB flash drives, penetrating computers that were not connected to the Internet or a local network.
Hundreds of thousands of computers were infected, yet the worm manifested itself only on computers operated by Siemens programmable controllers and software. On landing on such a machine, it reprogrammed these controllers. Then, by setting the rotational speed of the uranium-enrichment centrifuges too high, it physically destroyed them.
Whilst many in the West cheered Stuxnet, it reinforces the question of whether by accident or design a cyber-attack may result in a devastating outcome. Many speculate that numerous ‘Trojan Horse’ programs lie idle in the computer operating systems of government departments and various utilities around the world waiting to be activated. An investigation confirmed the malicious script in the Florida Water system had been in place for at least two months before activation, for example. Could a single cyber-attack initiate a tit-for-tat response leading to a military confrontation? Stuxnet, for all its brilliance a decade ago, ushered in a new era of cyber-attack and the reaction by the injured or threatened recipient could initiate a dangerous escalation.