A country’s heart and soul is its infrastructure, which includes – but is not limited to - communications, power, oil and gas, transportation, and financial institutions. These are all critical to the operation of a nation. In wartime, these are often designated as initial military targets, because when compromised, it will create confusion, panic, disconnection, and disruption of communication and transportation. Bombs, cruise missiles and commando forces were generally the way to deliver strikes on such internal national necessities; today there is a new option.
Anonymous infiltration through the Internet and/or cellular technology presents the ability to disrupt and destroy infrastructure targets remotely, in a very clandestine way. The world is still in the infancy stage of this electronic warfare.
Exploiting the weak cyber links in the connected chain of a nation’s infrastructure
Technology changes fast and daily. Preventing cyber-attacks has become a cat-and-mouse game. Just like when the Department of the Treasury releases a new ‘counterfeit proof’ hundred dollar bill, from the time it hits the streets, people inclined to do so are driven to find a way to make fake currency. In spite of the incorporated security measures in the new bill release – often counterfeiters are successful.
Staying one step ahead of currency counterfeiters is very challenging; staying one step ahead of cyber criminals is even more so. Some of the world’s brightest minds are focused on aspects of this new cyber war, both as implementers and protectors. A number of countries have been recruiting young people who have displayed a high level of technical savvy and ability, and arrange for their further education and training, creating a tech army of individuals armed with the knowledge to exploit that nation’s cybercrime and warfare goals.
The game is on, and the stakes are extremely high. Cyber warfare is coming from many different directions, with many different objectives and targets. Recently, the United States Office of Personal Management was hacked in a cyber-attack. Millions of current and former employees’ personal and professional information was successfully stolen; Social Security numbers and other confidential data for every federal employee is believed to have been accessed. In addition, the very private profile on employees – background uncovered during their government job vetting process – was able to be viewed and taken. Financial info was also believed to have been compromised, including items related to debt and income.
There is a whole range of valuable uses for this data by the country responsible for carrying out this cyber-attack, including the ability to identify which United States government employees might be most susceptible to be tempted to betray their country, based on traits and history documented in their individual files. Agents operating secretly and under the radar were also exposed in the cyber-attack. This was a massive cyber-attack on America, the extent and ramifications of which are still being analyzed and determined.
Other countries and organizations are also using the Internet to recruit followers to assist in terrorist acts against the USA. The FBI announced that 21, 000 to 30, 000 English speaking Islamic State followers, who are US citizens have been contacted by the Islamic State – via emails, messaging and social media – and directed to communicate back using encrypted messaging that is extremely difficult, or impossible, for the US authorities to access and view. Social media is being expertly used to make the initial connection with targeted potential lone wolf recruits.
The Internet connects the world and makes it a much smaller place; however, these same connection paths have other, more sinister possible uses by those who want to exploit security measures through cyber means.
Private sector internet security compromises can be government security threats
Recent cases of data breaches with big retailers and financial institutions, like United Airlines and the Stock Exchange, show that the vulnerability is there. Foreign countries and individuals are penetrating our systems. Many US corporations are interwoven with the government in some way, and because of this, data compromises can have a devastating impact on the entire nation.
The economy, and consumer confidence are affected by breaches in the security of retailers; many companies that serve the public also have government contracts and interactions at all different levels. Oil refineries and power grids may be government regulated but privately owned. During the various yearly seasons, they often hire temp workers. Though security cleared, this can be a weak link for infiltration that can be exploited by a diligent and determined plan. Once inside, a temp worker can further evaluate the infrastructure weaknesses and take that valuable information back outside to further shape a targeted plan of attack.
How to prevent cyber attacks
Spy vs spy continues. The goal is to stay one step ahead of the possible threats. Recent security compromises have displayed certain vulnerabilities, and highlighted the need for more diligent risk assessment and stringent implementation of additional security and counter measures. There are always loop holes that need to be identified and closed up.
The United States government knows the countries that the majority of these cyber-attacks are emanating from, as well as the scope of their desire to succeed. Unfortunately, many government systems still use somewhat archaic technology, and the private sector has generally been hesitant to assist the government with cutting-edge encryption technology; this could change in the future.
We are also moving in the direction where countries will enact legislation that will continually compel those in the private sector – especially industries related to infrastructure – to adapt a certain higher standard of government mandated cyber warfare security measures. Currently, private enterprise would greatly benefit from a cybercrime risk assessment from an agency outside of their own organization. Penetration testing can be done to determine how easy it might be to gain access into systems through the lens of those out there with that determination.
Companies need to learn more about how to mitigate risk with an assessment of both physical and tech systems. Vulnerability assessments should be ongoing, incorporating another set of eyes and ears. Many times it may be just to validate security measures already in place – but often it will identify a weak link that may have been considered strong just a few months ago – before the race of technology rendered it a potential area of exploitation.