By: Bakhtawar Mehdi
What does it mean to be powerless? Ask any nation or organization after it has been hit with a cyber-attack that left its most privileged data exposed. Cyberwar has evolved from the theoretical to the ominous, and a cyber-apocalypse is not far behind. As a result of terrorism and cyber-terrorism activity, an apocalypse has been feared since the early 2000s. A cyber-apocalypse would wreak havoc on a nation by bringing down its critical information infrastructures. It has the potential to do as much damage as a natural disaster and bring a whole country to a standstill. As the cyber threat landscape grows more complicated, infrastructure systems are susceptible because they exist at a crossroads between the digital and physical worlds. A massive and well-coordinated cyber-attack on critical infrastructure has the potential to devastate the economy and cause a large-scale loss of life.
Power grids have been a low-intensity battleground for years. In 2015, nearly a quarter of a million were left without power in Ukraine after one of the first confirmed hacks to have taken down a power grid. The sophistication of the attack made it apparent that extensive reconnaissance was conducted prior to launch. The attack followed the stages of the ICS (Industrial Control Systems) Cyber Kill Chain from beginning to execution. Perhaps the most significant aspect of this attack was the nation-state's capability to execute a highly synchronized, multistage, multisite attack. Two SCADA hijack approaches were developed for use across different types of SCADA/DMS implementations at three companies. In no way was it meant to be a quiet operation. This attack sent a clear message: “We can leave you powerless.”
Without a doubt, superpowers like the United States are prepared with defensive and offensive measures in response to a cyber-attack. GridEx V, a massive emergency grid security exercise, allows stakeholders across North America to demonstrate how they would respond to and recover from simulated coordinated cyber and physical security threats and to strengthen their crisis communication capabilities. The United States' most recent move to protect its power grid from cyber-attacks may come as a surprise to some, as it involves disconnecting from the internet in order to protect it. The Securing Energy Infrastructure Act (SEIA) moves to isolate the grid's most important control systems through the use of analog and manual technology. With this move towards decreasing grid digitization, can the current connectivity of the system be protected against exploitation?
The most recent cyber disruption to the U.S. western grid this past March has left many feeling uneasy, as it is an indicator of more attacks to come. The Department of Energy identified the disruption as a “denial of service (DDOS) attack.” This event marks an uptick in recent years of cyber-attacks on nation-states' critical infrastructures. On the offensive front, the United States Cyber Command has been at the forefront of aggressive measures against Russia’s electrical infrastructure. Officials have confirmed penetrating Russia’s electrical grid since 2012, with a significant increase over the past three months. This makes it clear that cyber intrusions will be met with more evasive offensive measures. As cyberwarfare is waged, the U.S. leads with its cyber capabilities and innovative concepts to be employed across the full spectrum of conflict.
While not yet in the cyber race, Pakistan’s geostrategic location puts it at the center of critical relations with world powers including the United States, China, and Iran, and therefore at risk of cyber-attacks by its adversaries. Pakistan is a nation that is chronically short on power, and its cities regularly experience temporary power cuts, the majority of which can be attributed to corruption and mismanagement. Pakistan’s entangled energy infrastructure may be a primary target for hostile cyber-actors. The Tarbela and Mangla dams are the primary sources for electricity production and water storage; if compromised, they can bring down the country. The country has already been victim to one massive power failure in 2015, which left 80% of the population in darkness. In the event of a massive blackout, airports and railways would be severely impaired if not completely crippled. As the country descends into anarchy, citizens may have to do what they must to feed and protect themselves and their families. The time is now for Pakistan to cultivate a cybersecurity renaissance that will improve the resiliency of the nation’s critical infrastructure sectors. The country must adapt to meet twenty-first century threats.
This is not apocalyptic science fiction; the possibility of a crisis this extreme is all too real. Cyber threats are intensifying, and preparation is the key to avoiding large-scale destabilizing attacks. Critical infrastructures may be a primary target for cyber-attacks, as they can bring down a nation if jeopardized. To mitigate the threats cyberattacks pose to critical infrastructure, the government and the private sector must work together. Attacks once perceived to cause only digital mayhem now have the proven capability to cause physical destruction. In cyberwar, there are no rules. Whether a superpower or a developing nation, the stability and future prosperity of all is at risk. Archaic security measures will fail to keep nations relevant as formidable opponents in the cyber-apocalypse that is to come. What if you were to wake up tomorrow and find the world has turned dark and time stood still? The lights will go out and you will learn what it means to be powerless as the war of the worlds descends upon us all.
The writer can be reached at bakhtwarm@gmail.com