Cyber Attack Danger

Kinetic warfare ends lives and destroys infrastructure. There is another type of war, state-sponsored cyberattacks, that costs millions of dollars every year and is one of the most dangerous types of security threats faced by the US today.

Last year the United States experienced a 57% increase in overall cyberattacks. Worldwide, attacks on corporate networks rose by 38%. These attacks are responsible for communications interruptions and electrical blackouts, the failure of military equipment, and breaches in America’s national security secrets. In the private sector, cyberattacks on the US have caused financial and intellectual property losses that have paralyzed business and healthcare systems and destroyed whole companies. In 2022 the US healthcare sector suffered an average of 1,410 weekly cyberattacks per organization, which is an 86% increase over 2021. When sophisticated cyber actors steal valuable data, especially when the attack is committed by states with an adversarial relationship with the US, the damage can be extensive. A recent Heritage Foundation report says “…no threat facing America has grown as fast, a manner as difficult to understand, as the danger from cyberattacks.”

China, Russia, North Korea, Iran and other unfriendly states and hacker groups pose a severe challenge to America’s open society. Currently, Russia presents the most sophisticated cyber threat, according to the report, with China as a close second. Hacking enabled Beijing to skip generations of technological stages, helped by its rampant theft of commercial intellectual property. The threat is not new. It is ongoing, but over the last decade it has occurred on a larger scale and with increasing frequency. In a single 2015 cybersecurity breach at the US Office of Personnel Management, in a campaign believed to have been undertaken by the Chinese government, the personnel records of 22.1 million federal employees, including personally identifiable information, were obtained and exfiltrated using a backdoor tool previously employed by China to target Tibetan and Hong Kong political activists.

In that same year Ukraine experienced the first ever successful cyberattack on a power grid; another, also believed to be of Russian origin, followed in 2016. A year ago, immediately following Putin’s invasion of Ukraine, Russia took down several major Ukrainian government and banking websites. Last June Microsoft shared a report that detailed Russian hacking activities and said the country has engaged in “strategic espionage” in 42 countries, including the United States. Russia hacked the Democratic National Committee, and last year it is believed to have been behind multiple cyberattacks that took down portions of Ukraine’s electric grid.

Iran and North Korea are much less sophisticated than the two giants, but what they lack in expertise they make up for in malice, according to the Heritage report. It reports that the 2012 “Shamoon” virus unleashed on the Saudi ARAMCO oil production company was a brute-force attack that destroyed 30,000 computers. Iran also committed cyberattacks against banks, government networks, and public agencies in the United Kingdom.

The US intelligence community, in its 2021 Annual Threat Assessment, notes that “Iran’s expertise and willingness to conduct aggressive cyber operations make it a significant threat to the security of the US and allied networks and data… Iran has the ability to conduct attacks on critical infrastructure as well as to conduct influence and espionage activities.” North Korea has also conducted high-profile cyberattacks against the US. One of the most notable was launched against Sony Entertainment, in response to a movie negatively depicting the North Korean state and its leader. According to the US report, the hackers took terabytes of private data and released confidential information, including five undistributed Sony movies. The FBI reports that in 2021 alone, ransomware attacks hit 649 US critical infrastructure entities. Virtually every organization in the United States is at risk from cyber threats. One of the problems is that such attacks are hard to identify and defend against in an open society. The US Cybersecurity and Infrastructure Security Agency (CISA) only recently issued its first comprehensive strategic plan since CISA was established in 2018. It will focus and guide the agency through 2025.

The US cannot forget, however, that while kinetic warfare is visceral and talked about more often in news stories, a more encompassing cyber threat looms beneath the surface.