Friday, November 8, 2019

"Hybrid Threats, Terrorism, and Resilience Planning"

An article published by the International Centre for Counter-Terrorism at The Hague (h/t Homeland Security Today). This article is, to be brief, a look at the inevitable terrorist attack that combines a cyber-attack with a physical attack (gunmen, bombs, what have you) on the public or Critical National Infrastructure (CNI). An excerpt:
      One of the critical tools of terrorist organisations is surprise—the event or events they plan and carry out come without notice to the impacted state or private firm. With such lack of notice or lack of transparency as their backdrop, terrorists also know that non-kinetic intrusions into most states or CNI will not trigger a full-on response. Military assets and expertise may remain on the side-lines because no one is (yet) injured or dead. Police and other law enforcement resources await evidence of the commission of crimes. Traditional emergency and disaster response teams and mechanisms may not be alerted or deployed either, at least not until the malware causes cascading CNI failures. Even worse, if the malware is placed and then operationalised transboundary, all of the above tendencies to wait or stand by will be exacerbated by the complications of international cooperation and coordination.

      Imagine that a major European urban centre is hit with a massive electric grid attack in the midst of a summer heat wave. Attackers have combined physical assaults on grid hardware, including transformers and power stations in three states with widely distributed malware that is manipulating and disabling SCADA systems that control power distribution and which are connected to the global internet (Supervisory Control and Data Acquisition (SCADA) is a control system architecture that uses computers to manage physical processes, such as electricity distribution). The assailants on grid hardware and facilities are on the loose, and the suspects were observed but not identified. The malware could not be attributed to any particular location (the computers that disseminated the software are located all over the world), nor to any state, terrorist organization, criminal group, or individual.

      Such a hybrid attack is hardly fanciful. Successful physical assaults on the grid have occurred, and the digital systems that control the CNI in most countries are easily penetrated, due to dated architecture and relatively lax governmental controls. Of course, all the sectors of CNI require electricity to function. In other words, the impacts from such a hybrid terrorist attack could cascade across sectors and national boundaries. After a successful assault on California grid components in 2016, Lloyds of London reported that a serious attack on the U.S. electric grid could result in losses of $243 billion to $1 trillion in the most damaging scenarios.
The article goes on to describe weaknesses with current systems or approaches to secure such systems, and possible remedies.
