A cyber attack is an offensive maneuver carried out by individuals or organizations that maliciously target personal computers, computer systems, infrastructures, or networks, by hacking into vulnerable systems and stealing, changing, or destroying specific targets. These attacks can range in size from spyware or malware winding up on a single PC all the way up to something as large as an attempt to disable the vital infrastructure of an entire nation. Large-scale cyber attacks like this are usually referred to as cyber terrorism or cyber warfare, and they are quickly becoming a preferred method of targeting very large groups of victims.
Cyber terrorists use the internet to infiltrate and damage or disable vital national infrastructures like control systems, transportation, finance, energy resources, telecommunications, and government. And, because this can all be accomplished from cyberspace, it isn’t even necessary for the attackers to ever set foot in the nation they are targeting. Many professional hackers are actively recruited and employed by terrorist groups, or even governments, to find vulnerable computer systems and infect them with malicious code. This code can then be used to remotely control, view, or cripple the infected systems. There has reportedly been a ten-fold increase in the number of successful infrastructure-related cyber attacks since the year 2000 alone.
Control systems, many of which are computer-integrated, are tasked with monitoring and controlling necessary mechanical devices like control valves and gates that are part of physical infrastructures such as dams. These are generally remote devices that link through the internet to physical devices. It is usually somewhat difficult to secure these devices, making it easier for cyber terrorists to exploit vulnerabilities. Water control infrastructure is full of these types of control systems, and is said to be one of the biggest security risks of all the computer-controlled systems.
With dams in particular, the potential exists for massive quantities of water to be released in vulnerable areas resulting in huge losses of life and devastating amounts of damage to property and infrastructure. Waste removal systems could be compromised as well. The estimated cost to replace such critical water systems could run into the hundreds of billions of dollars.
Cyber terrorists could also target computer-controlled transportation systems. Railroad switches, airplane flight and air traffic control software, and conventional highway traffic controllers could all be viable, costly, and disruptive targets. Successful attacks could impede scheduling and accessibility of public transportation as well as the transportation of cargo from one place to another, resulting in huge financial losses and prolonged shortages of necessary goods.
In addition, it was recently reported that ground-to-air communications are actually not even encrypted. How much effort would it really take for a skilled hacker or team of hackers to interrupt and change instructions to airline flights, or even update or disrupt critical flight systems and software while the planes are in the air? One example would be the “Slammer” virus of 2003, which caused computer problems that forced Continental Airlines to ground its flights.
Financial infrastructures could also be greatly affected by cyber attacks and would be a prime target. By financial infrastructures I mean banks and other lenders, stock exchanges, and even federal reserves. Even if the attack was directed at financial institutions that were more regional in nature, this would still have a national effect because of the way in which the nation’s finances are all interrelated.
If a banking system fails, many companies and entire systems that rely on that banking system also fail, causing an economic domino effect. This is why the U.S. government gave American banking institutions a massive bailout a few years ago when many were on the verge of failing, because government leaders knew that allowing the financial infrastructure to collapse would in turn lead to the collapse of the entire nation.
There is a constant flow of “virtual” money being exchanged between institutions and a cyber attack could reroute and steal large amounts of money, possibly leading to the financial collapse of many companies and leaving many people with no savings and no employment. The average daily volume of these computerized non-cash transactions in the US alone is about $3 trillion. The ability to disrupt the flow of that volume of money for even one day could cause devastating effects on financial markets and on our economy as a whole.
Investor confidence could be eroded, causing a drastic drop in the stock market. People and corporations could also lose confidence in the banks’ abilities to keep their money safe, causing them to withdraw all of their funds, possibly leading to a collapse of the financial infrastructure. Lenders could survive a few of their members pulling out their money, but not the majority of their members doing so all at once.
Energy infrastructure basically consists of the electrical grid with its production facilities and substations, and oil and natural gas pipelines. By the admission of the US government, the North American power grid is especially susceptible to cyber attack. According to national security officials, both Russian and Chinese government hackers have already infiltrated the electrical grid in the United States, leaving behind software that could be used to disrupt the system, though China has denied any involvement in the incident. If not discovered, this software was capable of pinpointing the busiest sections of the grid and shutting them down, disabling countless critical systems and causing countless disruptions to everyday life across the nation.
These same types of attacks could be carried out on other types of energy supply as well, such as oil and natural gas, effectively stopping their computer-controlled supply and delivery. Cyber terrorists could target and shut down facilities that control production and supply, stopping the flow, or simply diverting it away from areas where it is needed most. Such an incident has occurred in Russia, where a Trojan horse program caused the natural gas supplier Gazprom to completely lose control of the central switchboard that controls and routes the flow of natural gas. The U.S. Department of Homeland Security claims it is currently working to identify and address vulnerabilities to the nation’s energy infrastructure and increase the security of the network of control systems, but so far internet security hasn’t caught up with internet technology.
Communications systems such as voice and IP networks are combining, with everything being run through the internet to provide for ever-increasing speed and storage demands. A single successful cyber attack on an unsuspecting carrier could disrupt or disable the communications services of many thousands of consumers, corporations, and governments. The potential for creating such mass disruption makes telecommunications carriers very attractive targets.
New cyber weapons are being designed and developed to specifically attack telecommunications and information infrastructure to bring about significant disruption and damage to a nation’s economy. Cyber terrorists already possess the necessary technology to target physical infrastructure like microwave facilities and communications satellites to effectively shut down the hardware and disrupt information systems and networks. This would effectively isolate people from one another and disrupt the communication of critical information, causing panic in the population.
Cyber attacks can be, and quite often are, carried out by one government against another. In such cases, they are usually referred to as being cyber warfare as opposed to cyber terrorism. Whichever name is used, the attacks consist of any and all of the tactics discussed above. In the case of cyber warfare, the various attacks are designed to gather strategic information or undermine the strength of an enemy nation, or to weaken public morale and confidence in the government. They can also be used to interfere with an enemy nation’s military communication, supply, and weapons systems.
Another tactic used is to disrupt the industrial complex that is essential to support a nation’s military and civilian population. In the summer of 2010, a program called Stuxnet was discovered. This malicious software was used to infiltrate computer systems in Iranian factories but had spread to production plants worldwide. It is widely accepted that Stuxnet was a government-sponsored attack on Iran’s nuclear program by the United States, Israel, or both. The purpose of the attack was to target and disable the automated centrifuges that were used to separate nuclear material in Iran’s nuclear enrichment program. Stuxnet collected information on Iran’s industrial systems and then executed code that caused nearly twenty percent of the fast-spinning centrifuges to tear themselves apart.
In addition, the design of Stuxnet allows it to be adapted for use against any of the computer-controlled mechanical systems that are commonly used in every developed nation around the world (such as in electrical power plants and industrial manufacturing). In late 2012 there was another cyber attack on Iran by Stuxnet, with this attack targeting multiple industries including a power plant.
The countries that have already been tied to cyber attacks are China, South Korea, Pakistan, India, Germany, Russia, Iran, the UK, and the United States, with the vast majority of the attacks coming from China. Thousands of hackers are employed by China to infiltrate military and government targets and also Fortune 100 companies for valuable research and development data. It is believed that attacks like these have cost in the neighborhood of several hundreds of billions of dollars in stolen R&D. Recently, the Shamoon virus was used to cripple thousands of computers that control the production of oil and natural gas in Saudi Arabia and Qatar. The source of this attack is thought to be Iran.