Last December, part of the Ukraine saw its power grid suddenly go dark.
No one’s claimed responsibility, but the grid had been hit by an online attack that took out the system remotely. Experts agree on a likely suspect: the Russian government, headquartered more than 800 miles away.
It appears to be the first time a cyberattack has knocked out a power grid.
The outage is just one example of the growing threat of cyberwar, a practice that’s become a primary focus of governments and terrorist organizations worldwide. Underlining this point, the US has started going public with its own attacks. On Monday, Department of Defense Secretary Ash Carter said that the US is hitting ISIS systems with cyberassaults.
The attacks aim “to cause them to lose confidence in their networks, to overload their networks so they can’t function,” Carter said, according to multiple reports. He didn’t provide details, and the Department of Defense didn’t respond to a request Friday for more information.
If we didn’t know it already, the Ukraine attack and Carter’s remarks make it clear there are destructive skirmishes taking place in cyberspace right now, and increasingly they’re spilling into people’s daily lives.
Cyberattacks can be designed to damage critical infrastructure, like the strike against the power grid in the Ukraine. They can be geared toward stealing important government secrets, like the theft of federal employee recordsfrom the US Office of Personnel Management last year. And they can even be about retaliating against private companies for political reasons, like whenSony found its systems hacked just as it planned to release a film mocking North Korean leader Kim Jong Un.
Most attacks seek to fly under the radar, leaving it unclear whether the target’s own systems are at fault or whether they’ve been hit, according to Wired reporter Kim Zetter’s 2014 book “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon.”
In 2012, it took cybersecurity researchers and journalists months to ferret out who was behind Stuxnet, malicious software found on computers running the Iranian nuclear enrichment program. Surprise: It was the US and Israel.
Admiral Michael S. Rogers, the director of US Cyber Command, which carries out cyberattacks for the military, didn’t mention attacks on ISIS when he spoke at the cybersecurity-focused RSA Conference in San Francisco on Tuesday. He only brought up attacks on infrastructure once to describe the threat to the US.
“It’s only a matter of the when, not the if, you are going to see a nation state, a group or an actor engage in destructive behavior against critical infrastructure of the United States,” Rogers said. After the attack in the Ukraine, the White House and the Department of Homeland Security warned US utilities and infrastructure providers that a similar attack could be used against them.
Testifying before the US Senate last March, Rogers said “a purely defensive reactive strategy” isn’t enough. Aside from being resource intensive, such defensive tactics could come too late to do any good. “We also need to think about how can we increase our capacity on the offensive side,” he said.
But former White House counterterrorism czar Richard A. Clarke has criticized the shadowy nature of cyberwar in the US. Cyberattacks are conducted “without public debate, media discussion, serious congressional oversight, academic analysis or international dialogue,” he wrote in his 2010 book “Cyber War: The Next Threat to National Security and What to Do About it.”
Speaking Thursday at a luncheon near the RSA Conference, retired Marine Corps Gen. Peter Pace said the powers the US has to hack aren’t to be trifled with.
But, he noted, here’s the rub with cyberweapons: They don’t blow up on impact. Once code that targets critical infrastructure creeps onto the enemy’s computer, that enemy can potentially use it too.
Also, Pace noted that cyberweapons are easy to make but very hard to defend against.
“I know we cannot defend against what we can do offensively,” he said.