How prepared is the world for a cyberwar?

May 22, 2016

About three years ago I wrote a column predicting that the next major conflict would involve cyberwarfare and cyber-terrorism, with much of the fighting taking place over the airwaves and the internet superhighways. As it turns out, I was only partially right: Battles are indeed carried out over the internet but, regrettably, there is still much conventional fighting going on.
Three years ago the Syrian conflict, now in its sixth year, did not have the international implications it has today. As the conflict expanded, implicating more players and growing in complexity, it was inevitable for it to move into cyberspace.
Do not be fooled by a false sense of relief thinking that cyberwar may be less catastrophic than a conventional one. Well waged, a war over the internet can have effects as devastating as artillery shells and rockets and bombs from warplanes.
Hackers working for foreign countries have broken into a number of important and sensitive US sites, such as the CIA’s main computer at Langley, Virginia, the Israeli Mossad, British and French intelligence agencies, the North American Aerospace Defense Command and a slew of government ministries and private companies’ computers and websites.
Most of what people do today is driven by computers. Banks, supermarkets, businesses, electric grids, heating-and-cooling systems, traffic and air traffic control and so on and so forth. Yes, they are all protected but they are also all vulnerable to smart hackers, of which there is no shortage.
There have been attacks against computers belonging to Exxon, Shell, BP and others, including a number in Central Asian countries. Private email messages were intercepted and their content made public, as was sensitive company data.
According to one source, some countries are using hackers based in Mongolia, China and India. The Mongolian mafia has been very active in this area.
The truly delicate data are not the company’s sensitive personnel files showing how much money a company’s chief executive officer is making or the bribes dished out to smooth the way for a project nor are copies of memos from executive offices. That is just window dressing.
What professional hackers working for foreign governments are after are codes that allow them to intercept the flow of oil and natural gas in computer-controlled refineries or the movement of oil through pipelines. Think of the devastating consequences that taking control of such an operating system would have.
When northern European cities are freezing in the dead of winter and need regular deliveries of gas or oil to heat homes and offices, rerouting deliveries through hacked computers will introduce mayhem on a large scale.
What mayhem will occur when people trying to access bank accounts through automated teller machines realise that their savings have been wiped out? Or when the electric grid is intercepted and cities are left in the cold and dark? Or when credit cards become worthless pieces of plastic? What then?
Of course, there are tremendous precautions taken with guardrails and firewalls in place but hackers continue to refine their skills in a never-ending game of cat and mouse with those trying to keep the computers secure struggling to remain one step ahead of potential disaster.
The war in Syria involves hackers trying to undermine the other side’s computers. The United States recently extradited from Germany two hackers sympathetic to the Syrian government.
An alleged computer hacker sympathetic to the Syrian regime appeared in US federal court in Virginia. He was identified as Peter Romar, 36, an alleged member of the hacking group the Syrian Electronic Army.
Two other defendants in the case, Ahmad Umar Agha and Firas Dardar, were charged with being involved in a “hoax regarding a terrorist attack” and “attempting to cause mutiny of the US armed forces”. Dardar, 27, and Agha, 22, are believed to be in Syria.
Hackers allegedly used a relatively unsophisticated tactic known as “spear phishing” to target computers belonging to media networks, including CNN, National Public Radio, the Associated Press and Reuters, in addition to Microsoft, Harvard University and Human Rights Watch, the US Justice Department said.
In April 2013, hackers managed to post a story on a newswire saying the White House had been bombed and US President Barack Obama injured. That hack caused a temporary stock market plunge. This is just a sampling of the havoc that can be unleashed.