Cybercriminals could cripple the US by targeting just 10 critical components in an electrical network, experts have revealed.
The attack would begin with 'a series of cascading failures,' first shutting down essential service providers, like 911 call centers and healthcare providers, and then spreading to critical infrastructure.
Americans would lose access to energy, water, financial services, public transportation and cell phone networks, resulting in severe ramifications.
Morgan Wright, a former senior advisor in antiterrorism at the US State Department, told DailyMail.com that 'civil unrest' and a 'breakdown in the social order' would soon follow.
The world had a taste of what a cyberattack could do when a flawed update was issued by cybersecurity firm CrowdStrike last month, causing 8.5 million Windows computers to malfunction.
The misstep impacted airlines, banks, supermarkets, TV stations, and many other industries worldwide.
Microsoft experienced a second outage on Tuesday, which impacted many of its services and companies that use its tech for about 10 hours.
The tech giant later admitted that its services were taken down by a Distributed Denial of Service (DDOS) attack that was 'amplified' by an error in the company's cyber defenses.
Eric O'Neill, a former FBI counterterrorism and counterintelligence operative, told DailyMail.com that foreign spies have spent over a decade looking for security holes in infrastructure to leverage for conducting catastrophic cyber attacks
They have already found ways to disrupt America's fuel, power, water, communications, and education systems as they look to exploit our reliance on these essential resources, he continued.
An attack of this kind would have dire consequences for US citizens, such as even killing Americans on their soil, warned Nicholas Reese, a cyber expert and adjunct instructor at the Center for Global Affairs at New York University.
He explained that a cyberattack on 911 call centers would deprive patients of urgent medical care.
Meanwhile, hospitals would see a disruption in intensive care units and operating rooms, causing medical equipment to falter and patient deaths.
'Deliberate large-scale attacks on critical infrastructure would not be executed with the goal of inconvenience,' Reese said.
'They would be executed to cause domestic turmoil as a means of power projection.'
Describing an attack on this scale as a 'significant act of aggression' against America, Reese suggested it would require a serious response from the government.
That could mean the nation is dragged into a military conflict with the perpetrator.
Cybercriminals are aware that taking control of essential resources, like energy and water, would be the way to cripple the nation, the experts said.
This was experienced in 2021 when a hacker group known as DarkSide shut down the Colonial Pipeline that supplies oil to much of the US East Coast.
The five-day disruption caused localized shortages of gasoline, diesel fuel and jet fuel, which led to panic-buying as consumers feared gas would run out.
'We saw a microcosm of how citizens would respond during the Colonial Pipeline ransomware attack,' explained Wright.
'There was a run on gasoline because of a 'perceived' shortage of energy, not an actual one.
'The unrest only took hours to swell because of social media and incorrect reports of what actually happened.'
In light of the Colonial Pipeline chaos, O'Neill believes that a cyberattack on US power supplies would have a similar ripple effect for all Americans.
'Without power, citizens would lose communications, air-conditioning, heat, water when we turn the tap and lights when we flick the switch,' he said.
'Business would grind to a halt, finances would be unavailable and hospitals would be unable to provide care, and so much more.'
To conduct such an attack, O'Neill said the perpetrator would likely target the Supervisory Control and Data Acquisition (SCADA) networks, which help manage industrial equipment because they are easy targets due to insufficient cybersecurity and outdated software.
'The orchestrated attack would require numerous, synchronized attacks against different components of the power grid' he explained.
'But with our networked economy and supply chain, taking down just one major section of the US power grid would throw the country into chaos.'
No comments:
Post a Comment