The New America Future of War conference occurred yesterday on April 9th and, among the topics discussed, perhaps most disturbing were the potential cyberattack scenarios presented by a panel of experts from the financial, military, and cybersecurity industries.
Military Times reported on the information presented on the panel. The underlying theme from experts in all areas was that there just wasn’t much media coverage of cyberattacks that have occurred so far. Without that exposure to raise awareness, it’s easy to be even less concerned and prepared than we should be.
The Military Times article cited this specific comment from the conference:
“Robert M. Lee, a former National Security Agency cyber expert and current CEO of Dragos Inc., pointed to a new development that is a first in cyberattacks.
A piece of malware called Trisis was used to sabotage an industrial control system of an electric company. But it was more than just an attack on electric power.
“It was the first piece of malware specifically designed to kill people,” Lee said.
The malware would allow hackers to access controls that could cause leaks or explosions, rather than simply switching off power to parts of the grid.
But both in that incident and ones preceding it in recent years the actual events garnered little public acknowledgement by government leaders nor responses that would help deter such attacks."
The enemy is watching that lack of response, noted Peter W. Singer, author of the novel “Ghost Fleet: A Novel of the Next World War.” And as with the emergence of autonomous cars, it will take the first tragedy to bring more widespread awareness.
The cyberattacks that are hitting every other industry these days can have a quick and deadly effect on troops on a battlefield. One particularly insidious type of attack would involve the use of face-altering software commonly used in the movie industry and becoming ever more realistic and accessible by the day, thanks to huge leaps in the computing power available to the average user. Singer called it “the melding of the real and the fake.” Video comms could be intercepted and digitally altered in real time, for example, showing a speech that never happened or significantly altering battlefield footage to mislead the troops on the ground or in the air to make potentially catastrophic decisions (anyone remember the start of the Schwarzenegger flick The Running Man?)
Often, we focus on how to recover from brand damage and loss of customers after a breach, but in this case, we need to focus even more on preventing these types of attacks from happening, rather than reacting to them after the damage has been done. Militaristic cyberattacks can lead to actual loss of life, not just loss of funding.