Low-level cyberscuffles between nations may be about to escalate into more serious conflicts. U.S. government officials are reporting a new wave of attacks aimed at sabotage within the U.S., apparently originating from somewhere in the Middle East.
The New York Times reported over the weekend that saboteurs are using probes to look for ways to seize control of processing plants of mostly U.S. "energy companies" — presumably oil and gas producers. Senior officials with the Obama administration said the attacks are aimed at the administrative systems of 10 major American energy companies, which the sources have refused to name.
Tension, Apprehension And Dissension
To be sure, so far no one seems to have independently corroborated these alleged attacks. As such, there's no good way to know whether they are as potentially serious as these unnamed government officials — and, of course, the NYT — would have us believe.
If the warnings are sound, though, cyberwar escalation still wouldn't be a huge surprise. Security experts and government officials have long predicted that hackers bent on wreaking havoc will will eventually become as commonplace as those looking to steal government and corporate secrets.
In February, then-Secretary of Defense Leon Panetta warned that the technology used in cyberattacks is able to "cripple a country, to take down our power grid system, to take down our government systems, take down our financial systems, and literally paralyze the country. That is a reality."
The U.S. and Israel provided the motivation for their enemies to pick up the pace with their cyberattack on Iran's nuclear facilities several years ago. The two allies used the Stuxnet worm to damage centrifuges used in making high-grade uranium that could be used for nuclear weapons, according to the NYT. Experts believe Iran retaliated last year with the attack on Saudi Aramco, one of the world's largest oil producers.
A virus unleashed on Aramco administrative offices wiped out data on thousands of computers, replacing the deleted files with a burning American flag. The hackers targeted Aramco's production facilities, government officials said. The mission reportedly failed because Aramco's administrative offices were on a network separate from that used for industrial control systems. Using separate networks in this way is a best practice recommended by security experts.
The Aramco attack was soon followed by a similar one launched against Qatari energy company RasGas, which also claimed the attack was stymied because its compromised office network wasn't connected to production systems. Israeli officials said Iran's "cybercorps" was behind the assault. Iran organized the group after the Stuxnet attack.
Tit For Tat
These tit-for-tat attacks could be morphing into a new phase of cyberwar where the consequences are much greater than the damage caused by pilfering a company's trade secrets. Any attack that could destroy critical infrastructure — from oil production and the electric grid to manufacturing facilities and water treatment plants — has the potential to affect the lives of hundreds of thousands of people.
Experts have warned for years that industrial control systems that run these facilities are filled with vulnerabilities that could be easily exploited. Fortunately, hackers haven't yet been able to infiltrate the networks these systems are on.
To shore up the nation's critical infrastructure, President Barack Obama issued this year an executive order requiring government agencies to share cyberattack information with private industry. Industry, however, is under no orders to share information with the government, and changing that will require action by Congress, which is struggling with the privacy implications of requiring companies to share data with government agencies.