We’re just a cyber attack away from chaos and panic
Three challenges facing the United States and other right-thinking nations in the wake of the cyberattack targeting Colonial Pipeline’s 5,500-mile system in the U.S. are as follows:
5 Learn the identities of the people responsible for the attack.
5 Use whatever means are necessary to neutralize the hackers’ ability to conduct more attacks.
5 Ascertain beyond reasonable doubt whether the hackers were working under the direction of some foreign power seeking to damage this country.
Even if all that were to be accomplished — and there is cause for great skepticism about the prospects for that happening — the world would not be out of the proverbial woods in the battle against cyberattacks and the despicable individuals who concoct such operations.
For the United States, the stakes would continue to be very, very high, as evidenced by situations and developments of the past half-decade.
However, eyes were opened nearly 60 years ago — long before personal computers — about a big risk the U.S. could face in decades ahead, specifically in regard to the nation’s power grid.
Back then, during the depths of the Cold War, as recounted in a July 2014 Forbes magazine report, the bases for fear were electromagnetic pulses triggered by the explosion of nuclear weapons.
An electromagnetic pulse resulting from such a weapon exploded by the U.S. military high above an atoll in the Pacific Ocean in 1962, with the aim of evaluating impacts of nuclear explosions in space, played havoc with Hawaii’s electric grid.
Knowledge emanating from that test produced the conclusion that a single missile with a warhead that actually didn’t have to be very large, has the potential to take out the U.S. power grid, destroy this nation’s electronics networks and, quoting from the Forbes report, “create an existential crisis like nothing the world has ever witnessed.”
Fast-forward to this era of personal computers and their capacity to do great harm when in the wrong hands.
U.S. officials got a taste of the terrible possibilities in March 2017 in what the Wall Street Journal in January 2019 described as the “worst known hack by a foreign government into the nation’s electric grid.”
Rather than strike certain U.S. electric utilities head-on, the hack, blamed eventually on Russia, went after what the Journal identified as the electric system’s unprotected underbelly — hundreds of contractors and subcontractors who had no reason to be on high alert.
The Journal added: “Once they had computer-network credentials, they slipped through hidden portals used by utility technicians, in some cases getting into computer systems that monitor and control electricity flows.”
The hack targeted at Colonial caused the company to close its entire pipeline carrying gasoline and other fuels from the Gulf Coast to the New York metro area as it sought to contain an assault that involved ransomware — code that holds computer systems hostage.
The Journal on May 10 described the attack as “a high-profile example of the online assaults that U.S. companies, schools, hospitals and other organizations now face regularly.”
The Colonial situation needs to serve as a wake-up call for the energy industry’s particular exposure to even-more-hostile potential attacks.
The three suggestions offered at the beginning of this editorial are not meant to be a cure-all; they are meant to be the start of something much bigger.
That is because the problem is much bigger than the average person can comprehend.
The internet — the connectivity that allows our power grid and other essential services and infrastructure — brings monumental risk to our daily lives as enemies within and beyond our shores seek to do harm.