Cybersecurity awareness, if established in the highest echelons of government or the military, can set the stage for effective national cyber defense. When these threats are assessed and resolved by high-level military thinkers, the systematic response to risk can significantly influence a nation’s long-term approach to resolving and actively combating cyber risk.
The military’s experience on the cyber battlefield was defined through countless years of tireless defense of a broad range of critical infrastructure. The result of this experience is a wellspring of insights learned and tested protocols that could be the missing link to providing a comprehensive defense of the 16 sectors of critical infrastructure.
With the risk to critical infrastructure growing by the day, the time has come to take a deep look into the lessons learned from decades of military cyber defense and understand what steps can be taken to protect nations’ vital industries from cyber-attacks.
When did the military begin to take cyber seriously?
More so than almost any other organization or strategic government agency, the military has been at the forefront of blending innovative technology with the needs and security requirements of core sectors of critical infrastructure. This innovative vision has ensured that vital national assets are insulated from coordinated cyber-attacks and the endless range of evolving digital risks targeting nationally important industries, such as energy, water management, and transportation.
But innovation alone cannot secure critical infrastructure from the dizzying array of malicious actors determined to compromise data and change the equation on the digital battlefield.
With a long history of applying innovative technology to large-scale areas of national defense, militaries from around the world have been applying their technical expertise to protecting critical infrastructure from diverse and evolving cyber threats for decades.
Cyber risk in the 1970s & 1980s
In the United States, “as early as 1972, consultants for the DoD warned of serious vulnerabilities in computer and network security, and the importance of cyberspace to national security became a pressing concern after the end of the Cold War.”
This US government directive appears astutely timed, as “In the late 1980s, the German hacker Markus Hess and several associates were recruited by the KGB to penetrate computers at American universities and military labs,” proving the assumptions of the Americans right.
For other nations, the wake-up call came in the form of large-scale, publicly covered and widely destructive cyber-attacks the likes of which the world had never seen before. Led by Russian military hackers as well as a cohort of western nations, cyber-attacks focused on broad swaths of vital national infrastructure in the 2000s set the tone for a new climate where the cyber battlefield could cause potentially more damage than any head-to-head confrontation ever could.
Where once soldiers and the vehicles of production were targets, now all 16 critical infrastructure sectors are at risk from a barrage of attacks, system compromises and data extraction methods, all done in most cases without anyone knowing the difference.
Which events shaped the military’s approach to the cyber arena?
1) Russian cyber-attack on Estonia, a state-level attack on a government through cyber in 2007
In April and May 2007, Estonia became the focus of a coordinated cyberattack originating from the Russian Federation. Over a three-week period, a range of government and parliamentary websites, ministries, as well as banks, SMBs, and news outlets were all targeted, predominantly by Distributed Denial of Service (DDoS) attacks.
2) Russian attack on Georgian critical infrastructure in 2008
Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported “hostilities between the Russian Federation and Georgia weren’t an extraordinary occurrence by itself since there have been violent conflicts in the past that range back decades. But this altercation between the Russians and Georgians was different. The role of the cyber-attacks in the conflict was heavily influenced by cyber elements. Up to this conflict, cyber warfare only referred to sole cyber-attacks by one party on to another or solely between hackers without any other measures taken.”
3) Stuxnet attack on Iranian nuclear facilities in 2010, planned as early as 2005
“Many consider the 2010 Stuxnet attack as the next level in cyberwarfare.” The hack involved “a self-replicating cyber worm which infected hundreds of computers (as well as the cyber network they operated on), and successfully shut down the Iranian nuclear centrifuge facilities in the county of Natanz.”
What is at risk for critical infrastructure?
According to a recent Deloitte report: “Currently, most critical infrastructure protection programs only address physical threats, leaving states vulnerable to cyber threats ranging from service disruption to public safety concerns. States need to expand their risk mindset to include cyber risks and lead a statewide, public-private collaboration focused on sharing information, raising awareness of roles that all groups involved should play, and establishing a unified response to cyberattacks on critical infrastructure.”
Bill Woodcock, research director of the Packet Clearing House, which tracks Internet traffic, said “cyberattacks are so inexpensive and easy to mount, with few fingerprints, they will almost certainly remain a feature of modern warfare. It costs about 4 cents per machine,” Mr. Woodcock said. “You could fund an entire cyberwarfare campaign for the cost of replacing a tank tread, so you would be foolish not to.”
What made the threats real?
Rise in state sponsored hacking
“With massive manpower and even deeper pockets, state-sponsored hacker networks pose a never-before-seen risk to individuals and businesses. Driven as much by political as economic motivation, state-sponsored cyberattacks can cause devastation to critical infrastructure and data.”
Increased risk to critical infrastructure
From water and energy to utilities and strategic national infrastructure such as ports and waste management facilities, no sector is safe from the threat of hackers and malware.
Existential threats to civilian populations
Between increasing media coverage of attacks on vital industries and public pushback against a lack of preparedness, compounded by tangible destruction of essential resources valued by the civilian sectors, civilian pressure results in government action.
With the pace of coordinated cyber-attacks targeting critical infrastructure and civilian populations growing by the moment, now is the time to look at the hard-fought lessons and strategic thinking established by the military in its decades-long fight to mitigate cyber risk.