Morgan Wright is a senior security adviser to SentinelOne, a senior fellow at the Center for Digital Government and a former senior adviser to the U.S. State Department’s Counterterrorism Assistance Program.
Imagine – it’s winter. Heating oil prices are rising. Low temperatures are forecast for the coming days.
You turn on your TV and hear the first reports of a massive cyber attack on America’s largest pipeline.
Ransomware has infected the company’s computer systems, halting operations as IT staff work frantically to stop the spread.
The situation escalates quickly over the next 48 hours, prompting the president to declare a state of emergency.
Gas stations up and down the East Coast run out of fuel for hours. Airlines are delaying and canceling flights.
The first signs of panic begin. Drivers grab all the remaining fuel and fight for their place in line. The company cannot give an exact date when operations will resume.
Prices are skyrocketing across the United States as fears of a wider cyber attack continue, despite assurances from the Department of Homeland Security.
Now realize – this is not Hollywood or a tabletop exercise.
In April 2021, this same series of events took place after a Russia-based ransomware gang broke into Colonial Pipeline.
A week later, a ransom note popped up on the computer screen in the control room, and the pipeline’s operations were completely halted for the first time in 57 years.
Five days later, operations resumed. But repairing the damage will take months and millions of dollars.
As Russia invades Ukraine and America responds with sanctions, the world faces the possibility of a new Cold War.
As expected, the Kremlin has promised to retaliate against the countermeasures imposed on it by the West.
We need to think about what a modern version of the Cold War would look like. It will look very different from the previous one.
(Above) A sign at an Exxon station in Washington, DC, on May 15, 2021, after a cyber attack crippled the country’s largest fuel pipeline.
(Above) Students in Brooklyn, New York, took part in a training drill in preparation for nuclear war with the Soviet Union in 1962.
There will be no single massive attack or one haymaker blow that takes everything down. Instead, it will be gradual, focused and continuous.
After the terrorist attacks of 9-11, the 9-11 Commission was set up to “prepare a full and complete account of the circumstances surrounding the terrorist attacks of 11 September 2001. [and] provide recommendations designed to protect against future attacks.”
The biggest lesson we learned was that, above all else, we suffered from a “failure of the imagination.”
The largest terrorist attack in the United States was carried out by fewer people than it takes to field a football team.
To protect ourselves from a future Cold War, it would be foolish to dismiss any scenario as “unimaginable.” The world is entering unexplored territory.
The Colonial Pipeline attack was the first visible attack on critical infrastructure. It was no longer about invisible bits and bytes, but dollars, cents and long pipelines.
The next attack on the pipeline may be accompanied by a similar attack on the power grid.
We have seen how difficult it is to defend against an attack on one front. What if there were multiple prolonged attacks on two or more fronts?
America’s energy grid is perhaps the most vulnerable. And Russia has the patience to conduct long-term cyber intelligence.
They will use a variety of techniques, including the exploitation of fragmented, “patched” computer systems that manage the network.
Compromising these system vulnerabilities with phishing emails remains a proven tactic.
An initial foothold is obtained. Over time, Russian intelligence officers continue to roam the entire system, mapping vulnerabilities, covering their tracks, and gathering sensitive information about operations.
What brand are the circuit breakers? Who made the backup power systems? What version is the software that manages the industrial control systems? What do they use for email?
Not every system can be attacked or needs to be attacked. The energy network is extremely Balkanized. Many interfaces between neighboring systems are not as reliable as they should be.
At a moment of Russia’s choosing, an attack will be launched.
The goal is to create a cascading series of failures that connect vital resources, cause mass panic and confusion, create mistrust of government messages, and muddy the waters for attribution.
A major attack on the US power grid is expected to quickly cost the economy between $243 billion and $1 trillion.
In February 2021, the Texas power grid was severely damaged by failures related to the cold weather, which led to a loss of electricity for 4.5 million homes, $195 billion in property damage and the deaths of at least 57 people.
For comparison, Hurricanes Katrina, Harvey, Maria, Sandy and Irma combined cost $497 billion.
Russia has already shown that it can take down large sections of the grid.
(Above) An electrical substation on February 21, 2021, in Houston, Texas. Millions of Texans lost power when winter storm Uri hit the state and knocked out coal, natural gas and nuclear power plants.
On December 23, 2015, the BlackEnergy malware was used against Ukraine. It cut off power to more than 750,000 homes, shut down three power plants and two backup plants, and caused chaos and mass confusion for days.
Russia’s fingerprints will not be directly on the attack. Unknown criminals will be blamed, whom Russia will condemn while declaring that it too has been the victim of cyberattacks originating in the United States.
Narrative control is a major part of Russian cyberattacks.
Another vulnerable area ripe for targeting is our dependence on satellites. From GPS to communications to agriculture, the constellation of orbital technology has long been an Achilles’ heel for our military as well.
In November 2021, Russia tested an anti-satellite weapon against a decommissioned satellite. The result was debris that threatened the International Space Station.
GPS satellites provide information that lets farmers map their fields and harvest more efficiently. Emergency services such as the police, fire brigade and EMS rely on GPS guidance for various public safety functions. Even the ability to get in your car and launch your favorite driving app will be in doubt.
The largest user of GPS data is the United States military. From drones to smart bombs, to jet fighters and refueling tankers, to soldiers and marines on the ground, access to accurate GPS data is a mission-critical requirement.
Russia and China are actively developing and implementing technology for jamming GPS and communications satellites. Given threats that range from destroying satellites to interfering with them, our reliance on GPS is worrying.
Equally worrying is the prospect of a targeted attack with an electromagnetic pulse (EMP). This type of attack would seriously blind the eyes and ears of our intelligence-gathering capabilities.
A high-altitude nuclear explosion would generate a huge electromagnetic pulse over 1,000 miles that could fry any electronic component. What would happen to our electricity grid, for example?
According to a study by Oak Ridge National Labs, the collapse of our energy system could affect 130 million Americans, require 4 to 10 years for a full recovery and impose economic costs of 1 to 2 trillion dollars.
The targets will not be only the continental United States, Alaska or Hawaii.
They will include places where the United States has a military or intelligence presence, for example Pine Gap in Australia. The loss of intelligence-gathering and analysis capabilities there would affect military counter-terrorism operations, prevent the use of drones and cost us our early warning capability to detect missile launches from Russia, China, Iran and North Korea.
The number of opponents capable of conducting an EMP attack is growing, not declining. EMP attacks are included in the military doctrines of China, Russia, Iran and North Korea.
(Above) Author Morgan Wright served as senior law enforcement adviser for the 2012 Republican National Convention.
From Ireland to Iceland to Indonesia, Russia has mapped submarine cables which carry vital traffic for all types of trade, banking, sensitive communications, etc.
Any threat to cut off Russia from the rest of the world could lead to Russia cutting off the rest of the world.
There are additional targets for Russia and its Cold War doctrine, too many to mention in one article.
However, another consequence of disruption stems from the dependence of the public and the government on available technology, and what happens when access is interrupted. Recent research showed what could happen.
“A survey commissioned by HMD Global, the home of Nokia’s phones, and conducted by OnePoll, found that 55 percent of respondents thought battery depletion was a nightmare.” One in eight people say a dying battery actually worries them.
Maybe this is the nightmare scenario that will attract the attention that a new Cold War deserves. We cannot afford to repeat the mistakes of the past.