Throughout history, those engaged in conflict have always used the most up-to-date technology to advance their cause and achieve specific goals. In every war, breakthroughs have been utilized to combat actual or perceived foes using scientific advancements.
Yet, conflicts nowadays are no longer limited to conventional battlefields; instead, they may be found on the internet—a foe that is both nimble and quick-footed. Cyber attackers know that our civilizations rely on the digital world, and if they can disrupt and destabilize it, they may secure a significant victory with a single mouse click.
The Stuxnet worm
According to experts, Stuxnet damaged many centrifuges at Iran’s Natanz uranium enrichment plant by burning them out. Other organizations modified the virus as time went on, focusing on electricity generators, water treatment plants, and gas lines.
Stuxnet was a multi-part virus that infiltrated Windows computers, spread via USB drives, and damaged industrial control systems. The malware examined each hacked machine for signs of Siemens Step 7 software, which industrial machines with PLCs use to automate and manage electro-mechanical equipment.
After the malware discovered a PLC computer, it downloaded fresh code from the internet and began issuing malignant instructions to the PC-controlled device. At the same time, fraudulent data was sent to the control system. If left unchecked, this could cause serious damage.
According to cyber intelligence sources, in 2012, Stuxnet was downloaded onto the Natanz uranium enrichment plant’s systems. The “worm” malware infiltrated networks and targeted machines that ran Windows software to automate and manage electro-mechanical equipment.
Once the virus completed the uranium measurements, it began destroying itself and making the uranium useless.
The program’s objective was to decrease the quality of uranium, which is why the virus first targeted the centrifugal equipment speed at the facility. It would then appear normal to those monitoring it, resulting in a “steady state.” Uranium’s destruction would be revealed only when the facility’s equipment began to self-destruct. By that time, Stuxnet would have completed its goal.
But the code for this virus was made public. Others have since modified it to target other infrastructure installations, including water treatment plants, gas lines, power stations, and communication networks.
In the dark: Crucial industries confront cyberattacks
According to McAfee, in 2011, companies resorted to hiring former hackers because they could not find enough people with the right skills to protect their networks. The Center for Strategic & International Studies highlighted the following worrying facts:
- Extortion is the most prevalent cyber threat faced by the worldwide energy industry.
- Cyber-attacks have targeted approximately 80% of Mexican power corporations.
- More than a fourth of the world’s energy suppliers have been blackmailed.
- 60% of power companies in India have been infiltrated.
- “Duqu,” a variation of Stuxnet, has been found in energy plants across eight countries.
The digital world is a battleground
Historically, invaders have attacked water and food sources to weaken their enemies. In World War II, for example, utilities and industrial cities were destroyed to hamper the war effort of the invading armies. These methods are still being employed today because they’re effective; our opponents could be thousands of miles away behind computer screens, but they could launch real-world assaults that affect us all nonetheless.
We are at war and must change how we think to adapt to this new battlefield. Any of us could be a target. If we’re going to beat our enemy, we must first understand the new landscape and rules.
Cybersecurity is more important than ever
The need for cyber security has never been greater. With the advent of the internet, our lives have become increasingly dependent on technology. We rely on computers for everything from communication to banking and entertainment. But this dependence comes at a price. As our lives move online, we become more vulnerable to cyber-attacks.
And these types of threats are becoming more common and more sophisticated. Hackers are no longer content to steal our information; they now want to disrupt our lives and our economy. In 2017, we saw a major cyber-attack that crippled Britain’s National Health Service. The WannaCry ransomware attack encrypted data and demanded a ransom for its return. The attack caused widespread disruption and cost the NHS millions of pounds.
In 2018, we saw the biggest cyber-attack in history. The NotPetya virus infected computers worldwide, causing billions of dollars’ worth of damage. The virus encrypted data and demanded a ransom, but the attackers failed to provide a way to decrypt the data. As a result, many companies lost access to their vital data.
These attacks show us that we are vulnerable. They also show us that our current approach to cybersecurity is not working. We need to do more to protect ourselves from cyber-attacks.
We can take many steps to improve our cybersecurity, but we need to start with a fundamental change in how we think about security. We must first move away from the notion that security is something that can be achieved by technology alone. Technology is important, but it is not enough. We also need to change our mindsets.
Understand the threat
The first step is to understand the threat. We must educate ourselves about the nature of the threat and the people behind it. We need to be aware of the techniques they use to attack us. And we need to understand the vulnerabilities that they exploit.
Change our mindset
The second step is to change our mindsets. We need to think about security as a process, not a product, and incorporate it into everything we do. In other words, we need to be proactive, not reactive. And we need to work together to make our world a safer place.
The third step is to take action. We need to implement the changes we’ve talked about and invest in cybersecurity to ensure that we are capable of responding to cyber threats quickly and efficiently.
The bottom line
Cybersecurity is important because we are at war. Our enemy is agile and fast-moving, and they are using technology to launch attacks on a scale that we have never seen before. We need to change our mindset and our approach to security. And we need to work together to make our world a safer place.