In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards.
Read Part Two
Read Part Three
Read Part Four
Part One
As technology continues to advance, so does the potential for increased cyber threats against our nation’s critical infrastructure. Unlike physical warfare, the distance between the attackers and the victims is irrelevant in cyber attacks, thus creating a bigger threat that proves even more difficult to identify, prevent, respond to, and recover from.
The potential for an actual cyber war is being realized with the idea that violent extremist groups and nation-states can partner together and be just as destructive as the terrorist attacks of 9/11. Former U.S. Secretary of Defense Leon Panetta (2012), noted: “the collective result of these kinds of attacks could be a cyber Pearl Harbor; an attack that would cause physical destruction and the loss of life” (as cited in Osawa, 2013).
Many cyber experts are debating the notion of whether a cyber war against our nation is a possibility in the near future and, thus, are preparing for it in the event it should occur.
With the cyber sphere emerging as a new battleground for warfare, cyber crimes are expected to become increasingly sophisticated in the wake of this ever-changing threat landscape. Although fatalities may not occur as a direct result of a cyber-warfare scenario, cyber attacks —especially attacks against the nation’s critical infrastructure — are part of a larger act of aggression, which, in turn, could indirectly result in the loss of many lives.
Once cyber espionage turns to warfare and impacts our critical infrastructure (shutting down power grids, telecommunication lines, transportation, commerce, and every action of daily life) the world will finally realize the impact of cyber warfare. In addition, the recovery efforts of a major cyber warfare attack would be significantly greater given that most companies and infrastructures are not prepared and have not invested in cyber incident response and recovery tactics.
In the next article in the series I will more closely examine these evolving threats, the challenges of cyber warfare and the key adversaries the United States faces on the digital battlefield.