The announcement of a sixth subterranean nuclear test has the world talking about how to contain the threat of a nuke-ready North Korea, but there is another concern getting insufficient attention: the potential for full spectrum cyber war.
Just what that might look like is known, but seldom discussed.
Remember the NASDAQ flash crash? It happened on May 6, 2010, at 2:32 pm and lasted for more than 30 minutes. Still not ringing any bells? It was a trillion-dollar stock market crash.
(Yes, THAT flash crash.)
At the time, a minority in the cybersecurity community believed that crash was a hack. Some time ago the Washington Post chided the tendency to cry “hacking” when something systemic fails.
“The 2003 Northeast blackout was first blamed on hacking, the 2010 ‘flash crash’ was first blamed on hacking.” That said, James Lewis opined, “Evil mad-genius hackers who want to wreak mass havoc on society because they are in a bad mood don’t exist in real life.”
Fair enough, but evil state-sponsored hackers do want to wreak mass havoc on the societies they deem to be the enemy.
I would counter that it is probable, not just possible, that cyberattacks will shut down the power grid (that may have already happened in the Ukraine), erase or paralyze financial data systems (see above) or cause military equipment to malfunction in the near future.
Come to think of it, that last possibility may have already occurred, too.
Certainly very odd
“It certainly is very odd that so many incidents have taken place in a relatively short period of time,” Finnish computer programmer Harri Hursti told me.
Hursti said vulnerabilities in GPS technology would be the logical place to start any investigation into the U.S. Navy mishaps that have plagued the Pacific fleet this year, but pointed out that there was not enough information about the systems used to make an educated guess at what may have happened.
He did go on to say that pseudolites (a contraction of pseudo-satellite) might have been involved, since these mechanisms are capable of sending false information to the kinds of receivers used in marine navigation.
The unpredictability of war
Say what you will about President Trump’s missteps (and I sure have), he’s right about the need for stealth when it comes to wartime decisions. And make no mistake, with or without missiles flying, we are at war with many nation states—although North Korea seems to be first among them.
“A one-time event is unpredictable,” said Ondrej Krehel, CEO and founder of LIFARS, a digital forensics and cybersecurity intelligence firm.
We were discussing the crash of the Navy destroyer USS John S. McCain, specifically the possibility that the “steering failure” experienced by that ship was a hack.
Earlier hacks made it at least conceivable. There was the infamous example where white hat hackers were able to kill the engine of a Jeep driving at the upper speed limit on a highway and still other car hacks, including speculation that the one-car crash that killed journalist Michael Hastings may have been the result of a hack as well.
“Anything is possible,” Krehel told me.
“All the systems on a ship are interconnected.” Listing the various modes of possible attack, including a man-in-the-middle take-over of the destroyer’s satellite navigation system, Krehel said the most likely mode was one that would be undetectable, and has not been discussed much in media reports.
“Implants,” Krehel said. “That would be impossible to detect.”
Krehel was talking about cyber organisms that live in memory systems, migrated there through spearphishing campaigns targeted at specific personnel, which is still the most common way this kind of infiltration occurs. The organisms have the ability to create complete system failure, destroying all data in the process, including the bug.
When it comes to cyber protections, it is a truism that for every knock on the front door, there are a thousand-fold attempts at windows, side doors and vents, and human beings are the weakest link in any system.
“The beauty of this kind of attack,” Krehel told me, “is that when it shuts down the system, it is deleted. There is no trace.”
Forewarned is forearmed
In our post-Wikileaks, post-Stuxnet world, we know state-sponsored cyber war exists, and the capabilities are unknowable.
As I’ve said elsewhere, things that look like freak accidents, glitches of technology, could be acts of war. It is simply impossible for anyone outside of the Pentagon to know for sure.
President Trump announced recently that Cyber Command would no longer report to the NSA but would rather, and finally, be elevated to a “Unified Combatant Command.” This means that it would be a military operation in its own right, on an equal footing with the other commands overseeing military operations worldwide.
It is up to Defense Secretary Gen. James Mattis to sort out exactly how this will happen, something that may get lost in the shuffle while the world scrambles to get a nuclear muzzle on North Korea. It’s imperative that we stay focused on Cyber Command at such a crucial juncture, because while we look at the sky for scudding missiles, a worm could very well turn off the lights.