Will the next war be cyber?

Next War (1)

In 2018 I moderated a Future in Review panel on Russian cyber meddling in Ukraine. One of my comments during the panel (“What happens in Ukraine doesn’t stay in Ukraine.”) ended up making it into Newsweek only to be inadvertently validated by the Russian election interference news cycle. At the time I was referring to the IoT malware outbreaks that had spread from Ukraine to the rest of the world, not the Russian election meddling about to seize headlines for months.

AWS Builder Community Hub

Ten days later another article in Newsweek drove the issue home: UKRAINE WAS PUTIN’S TESTING GROUND FOR HIS HYBRID WAR ON THE WEST. Nolan Peterson, a conflict journalist stationed in Ukraine, had put it all together and called it a hybrid war.

Maybe it doesn’t even need to be a hybrid war. Maybe it will be a cyber war.

You don’t have to be a military history buff to understand the impact of technology on warfare, from Greek fire or even the horse and chariot  in ancient times, to the role of mechanized armor in the lightning fast and virtually painless French capitulation in early WW2. The ongoing pattern of Russian “trust attacks against culture and systems” suggests the world has already entered a new era of vulnerability unlike any other. And we’re not prepared by any means.

Earlier today I listened to a timely podcast on maritime cyber security. About 10 minutes in it gets quite chilling as the discussion shifts to how easy it might be to capsize a ship and similarly attack control systems from factories to power grids.  In other words, widely available knowledge is enough to threaten mayhem. While hackers would have to know how to manipulate specialized systems in some cases, control systems are fairly universal across vessel types and types of land-based smart buildings.

A recent article on health care cyber attacks similarly explored all kinds of IoT attacks, from shutting down hospitals (which has happened) to generating false findings and records. Conclusion: ships, hospitals, factories, buildings are increasingly sharing interconnected device infrastructures which can be compromised with common cyber attack skills.

What happens in Ukraine could happen anywhere else… based on the motives of the attacker.

Last month I wrote about OT/IT convergence and cyber security, or the connection of more smart devices to the Internet, the resulting attack vector sprawl, and how ill-prepared traditional IT processes and solutions are equipped to protect this new converged infrastructure.

Untitled design (22)

After listening to the podcast I wondered if French military leaders watched the rise of the petroleum era and said to themselves “But that couldn’t happen here” (in French, of course), or were they merely preoccupied with what they needed in WW1?  Are we in the West making the same mistake, measuring military capabilities based on past technologies and circumstances? Do we see these tests as Nolan did, as a very disruptive evolution of warfare? (BTW- Nolan is A former U.S. Air Force special operations pilot and a veteran of the wars in Afghanistan and Iraq)

Given the capabilities of an attacker to take down infrastructure, including ships and hospitals, and bring them up again as needed, are we seeing the emergence of something much more powerful and game-changing?

e-Tron Bomb Anyone?

Remember the neutron bomb that would kill people and leave buildings intact?  How about an attack that shuts down everything “smart” and can turn it back on without having to even land on a beach or cross a physical border. If so, would the next war be cyber and end with a whimper instead of a bang, like the fast conquest of a nation with a proud military history?

Bueller, Bueller…Bueller?

*** This is a Security Bloggers Network syndicated blog from ARCHIMEDIUS authored by Greg Ness. Read the original post at: