Earlier this year, a disturbing piece of news on the other side of the world became a prime example of the growing menace of serious cyber attacks. South Korea’s spy agency informed government lawmakers that the number of North Korean cyber attacks had doubled in only one month. That was February – versus January.
North Korea unsuccessfully tried to hack into South Korea’s railway control system and into the computer networks of financial institutions. South Korea’s National Intelligence Service also accused North Korea of trying to hack into the smartphones of 300 South Korean foreign affairs, security, and military officials, successfully penetrating 40 of them.
Americans regularly hear about cyber attacks on major U.S. companies and government entities but little about similar and escalating incidents overseas. In fact, nation-state cyber attacks are becoming a global problem, not one mostly limited to the United States, Russia and China.
Nation-states are regularly launching successful cyber attacks against each other, the frequency continues to grow, and such hostilities, while non-violent, have the potential to morph into something much worse — a major war.
The U.S. is on the list of aggressors. Former U.S. Secretary of Defense Leon Panetta used to talk about the prospects of a “cyber Pearl Harbor.” He and other policymakers have fretted over the possibility that nation-state hackers might shut down parts of the U.S. power grid, blow up oil pipelines, contaminate the water supply, and even send airplanes on collision courses by hacking air traffic control systems.
In the interim, just last month Yahoo reported that “state-sponsored” hackers stole data on about 500 million users in 2014 in perhaps the biggest cyber breach ever. Two months before that, the Democratic National Committee reported an email leak in which more than 19,000 emails and more than 8,000 attachments were confiscated.
In these cases, Russian intelligence agencies were deemed possible or certain culprits. But Russia is only the latest cyber attacker to draw the spotlight. In July 2015, the U.S. Office of Personnel Management was the target of a cyber breach of millions of federal government employee records. In that case, the aggressors were Chinese intelligence agencies.
U.S. entities have also been targeted by North Korea and Iran, which, we learned earlier this year, launched an unsuccessful cyber attack in 2013 on a small dam 25 miles north of New York City in an effort to infiltrate its computerized controls. Some U.S. officials called it “a shot across the bow.” It was a small target but tempting because it controlled actual operations, worse than stealing information.
Fortunately, no truly calamitous attacks have yet occurred in the U.S. In fact, the severity level of cyber incidents so far has ranked an average of 1.65 on a scale of 5, according to The Washington Post. A Level 5 is a threat to infrastructure, government stability, or American lives. The gravity of cyber attacks today is roughly similar to Russian attacks in the Ukraine – they cause damage and are disturbing but remain far short of imminent danger.
The U.S. government’s reaction to nation-state attacks underscores this premise. It has been more than a year since the Obama administration determined it must retaliate against China for the theft of personal information from the Office of Personnel Management. But it struggled to decide what it could do short of starting an escalating cyber conflict. It isn’t clear what the government ultimately did, if anything, because it has not been reported, suggesting whatever was done was minor. Now we’re hearing about similar government hand-wringing in response to Russia’s hacking of the Democratic National Committee.
In any event, the U.S. has no choice but to anticipate the worst. Battlefields overseas have shown that cybersecurity can give combatants an edge. And senior Pentagon and intelligence officials told Congress in March that China and Russia are weighing a plan to attack and disrupt U.S. military and intelligence satellites in a future conflict with missiles, laser attacks and, predictably, cyber tools in a bid to undermine America’s competitive advantage in space.
On a separate front, the U.S. has already entered a race with China and Russia to build destructive cyber weapons that could damage the infrastructure of other nations, according to the head of the U.S. Cyber Consequences Unit, a non-profit cybersecurity advisor to the U.S. government and businesses. CEO Scott Borg has said that all three nations have built arsenals of sophisticated computer viruses, worms, Trojan horses, and other destructive tools.
So where do we stand today on the cyber attack front?
Cybersecurity didn’t become a huge threat overnight, and any possible remedy is well beyond the horizon. So the way the U.S. handled the Chinese attacks on the Office of Personnel Management, however inconsequential, was — for now — probably a wise move. Should a cyber war come, the U.S. can’t back away.
Alberto Yépez is a cofounder and Managing Director of Trident Capital Cybersecurity and Chairman of the Board of Directors at AlienVault and Mocana. He has more than 25 years in the field of cybersecurity both as an investor and entrepreneur. Follow him on Twitter: @alyepez.