– The Barriers To An Intensive Conflict Between The Superpowers Have Been Lowered
The United States faces imminent danger from a devastating cyber-attack against its electric power grid. This attack is more probable because a Revolution in Military Affairs has weakened the deterrence traditionally associated with conventional and nuclear weapons, changed the escalation ladder, and consequently lowered the barrier to intensive conflict between the superpowers.
A new form of cyber-attack against the electric grid has emerged in the form of a “non-shooting” war between Nation States. This type of attack might take place between superpowers as something that is short of use of conventional or nuclear force.
There is a popular myth that cyber weapons can be made “by any teenager in a basement using software downloaded from the web.” This is not at all true if we consider the target. It is not everyone who can write the specific code needed to disable an electric power grid. Apart from the programming skills, they need to have superb knowledge of the grid itself, how it works, and the specific equipment being made the target of the attack. They must understand the operational procedures of the specific facility being targeted.
Russia is the best prepared to defend against cyber-attack and use cyber as a strategic weapon. During an extreme international crisis, a massive Russian cyber-attack against the entire U.S. electric grid prior to the outbreak of conventional or nuclear war is likely, to deter or defeat the U.S. with “gray-zone aggression” instead of or prior to outbreak of a “real shooting war”: consistent with Russia’s military doctrine that Cyber Warfare is an unprecedented and decisive Revolution in Military Affairs.
China is likely to make a massive cyber-attack against the entire U.S. electric grid prior to the outbreak of conventional or nuclear war, or during an extreme international crisis, to deter or defeat the U.S. with “gray-zone aggression” instead of or prior to outbreak of a “real shooting war”: consistent with China’s military doctrine that Cyber Warfare is an unprecedented and decisive Revolution in Military Affairs.
Iran has a moderate chance of inflicting temporary but substantial damage to the electric grid, primarily in its supporting information processing operations. It is unlikely that Iran would be capable of cyber-attacking the entire electric power grid of the United States.
The Non-State Actor does not have the capabilities of a superpower, or of any Nation State. It lacks the engineering skills, money, and infrastructure to develop a cyber-weapon as complex and sophisticated as Stuxnet. Cyber-attacks by Non-State Actors against the entire U.S. electric grid are an unlikely event. Cyber-attacks against regional (or city) electric grids are more probable but would be unsophisticated and primitive.
For U.S. relations with both Russia and China, the emergence of viable paths to cyber- attacks against critical infrastructure as a new strategic weapon has lowered the barriers to conflict, and presents a heightened danger with the potential to disrupt the long-standing balancing calculus dependent upon nuclear deterrence.
Cyber-Attacking Electric Power Grids: A New Strategic Weapon
The United States faces imminent danger from a devastating cyber-attack against its electrical grid. This attack is more probable because a Revolution in Military Affairs has weakened the deterrence traditionally associated with conventional and nuclear weapons, changed the escalation ladder, and consequently lowered the barrier to intensive conflict between the superpowers.
In April 2021, Russia massed troops on Ukraine’s border apparently threatening an invasion, raising alarms in the U.S. and NATO. Ventriloquizing for the Kremlin, Putin intimate and director of Russia’s state-run international media giants, RT and Sputnik, Margarita Simonyan, in a TV interview declared:
“Russia will invade Ukraine, sparking a conflict with the U.S. that will force entire cities into blackouts…All-out cyber warfare, nation-wide forced blackouts.”
“War is inevitable,” according to Russia’s Simonyan, “I do not believe that this will be a large- scale hot war, like World War II, and I do not believe there will be a long Cold War. It will be a war of the third type: the cyber war.”
–“In conventional war, we could defeat Ukraine in two days. But it will be another kind of war. We’ll do it, and then [the U.S.] will respond by turning off power to [a major Russian city like] Voronezh.”
–“Russia needs to be ready for this war, which is unavoidable, and of course it will start in Ukraine.”
–Russia is “invincible where conventional war is concerned, but forget about conventional war…it will be a war of infrastructures, and here we have many vulnerabilities.”
–“I’ve been agitating and even demanding that we take Donbas [eastern Ukraine]. We need to patch up our vulnerabilities as fast as we can, and then we can do whatever we want.”
–“We only lose if we do nothing,” agreed Russian TV interviewer Vladimir Soloviev. “He argued that by absorbing parts of Ukraine—or the entire country—Russia would be able to remove the zone of American influence further from its borders,” reports Julia Davis.
Russian TV described cyber-attack options ranging from small-scale to existential threats, including: blacking-out part of New York City (Harlem was mentioned), or blacking-out the state of Florida, or blacking-out the entire continental United States. To defeat the U.S., according to Russia’s Simonyan: “We don’t even need the nukes.”
Just weeks after the above Russian cyber-threats, in May 2021, the U.S. Colonial Pipeline was hacked, shutdown temporarily. Cyber-attacks can destroy pipelines, causing them to explode. Colonial Pipeline is crucial to fueling U.S. military power projection capabilities from the east coast to protect NATO, or to help Ukraine, during a Russian invasion. That is why the Colonial Pipeline was really targeted, not for the millions paid in ransom, but as a demonstration of Russia’s cyber-power.
The Colonial Pipeline cyber-attack proves Russia is not bluffing.
Moscow’s Cyber War knockout blow—blacking-out U.S. electric grids and other critical infrastructures, has been planned for years:
–March 2016, U.S. Government Joint Technical Alert warned Russia’s cyber-attack Dragonfly: “Targeted government entities and multiple U.S. critical infrastructure centers, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.”
–2017, the Department of Homeland Security (DHS) disclosed, as headlined by Wall Street Journal and Newsweek: “Russian Hackers Could Have Caused Electricity Blackouts In The U.S.”
–March 2018, Reuters reported: “Senior U.S. intelligence officials said…the Kremlin believes it can launch hacking operations against the West with impunity.” Russia “staged malware…and gained remote access into energy sector networks.”
–July 2018, DHS warned of Russian cyber-penetrations into hundreds of U.S. electric utilities. These cyber-attacks were probably the simulated “tip of the spear” for VOSTOK-18, a major joint Russia-China strategic exercise held in September 2018, practicing World War III.
–December 2020, DHS disclosed Russia’s Solar Winds cyber-attack penetrated 18,000 U.S. Government and private sector agencies and corporations, including the Defense Department and U.S. Cybersecurity and Infrastructure Security Agency. Damage is still being evaluated.
On Sunday, April 11, 2021, the world woke up to alarmist complaints by Iran without proof blaming Israel for an attack on its electrical grid. Power supplying its Natanz nuclear processing facility disappeared. At the same time, newspapers in Israel were boasting that a cyber-attack engineered by its scientists and secret service had been responsible for this disaster. Of the three parts to the electricity grid –a) Generation; b) Transmission; and c) Distribution – here the attack had been on the distribution side. An “electrical substation located 40 to 50 meters underground” was destroyed. “[T]housands of centrifuges” used to separate Uranium-235 from Uranium-238 had been put out of service, at least temporarily. The strategic implications were grave. An electrical grid was being used as a strategic weapon to impede Iran’s path in violation of its obligations under the Nuclear Non-Proliferation Treaty towards creation of an atomic bomb. Here, interference with the electrical grid was used not to disrupt Iran’s economy and society, but instead to injure a strategic military facility with pinpoint accuracy. As the press continued to reverberate the story, discussion widened to consider cyber-attacks as a means of war.
According to the Office of the Director of National Intelligence:
“Cyber threats from nation states … will remain acute. Foreign states use cyber operations to … damage … physical … critical infrastructure. … [W]e remain most concerned about Russia, China, Iran, and North Korea.”
From 1965–2020 there were 68 blackouts in the United States affecting 100,000 or more persons for at least 1 hour and comprising at least 1,000,000 person-hours of disruption. Can a cyber- attack be used to turn an electrical grid into a strategic weapon? If so, then what type of planning would need be done by a rival effectively to harm the United States?
Attacking Electric Grids—A Tool Of Strategic Conflict
The United States is a superpower. Even its enemies know it should not be attacked lightly. There must be a reason, and that reason must fit into the grand strategy of the attacker. At the heart of the matter is “why?”. What is the strategic logic? What type of international crisis would be severe enough to drive a rival Nation State to launch a major cyber-attack against America’s electrical grid? We know that motivations vary, and so do the capabilities and boldness of attackers. For the time being, however, let’s assume the reason is there. If this is the case, then the question becomes “What type of cyber-attack?”
Of course there are different levels of attack, ranging from small irritating skirmishing actions to a major attack aimed at taking out electrical power for a region of America or a single large metropolitan area. At the top extreme is an all-out attempt to disable the nation’s entire electrical grid aiming to plunge the country into a chaotic and horrifying darkness. For a small Nation State, it is doubtful they could assemble enough capability successfully to launch a cyber-attack nationwide against such a giant electrical grid in its entirety. One of America’s rival superpowers could.
Cyber-attacks by tradition are broken down into two classes. One type is the “supplementary” variety, the other is “stand-alone”. In the supplementary form, cyber-attacks are used to assist projection of military force. Cyber becomes one of many tools in a military confrontation. The highest priority targets usually are the command and control systems of the enemy’s military. Only if the conflict reaches a higher level of intensity does it become a possibility to engage civil society targets. If there were cyber-attacks on both military and civilian targets, and these were being deployed as a supplement to national military force, then this would mean the parties were engaged in a “Total War.” This is the highest and most unfortunate level of conflict, but if we follow the traditional and accepted concepts regarding nuclear deterrence this scenario is unlikely between the superpowers. Under traditional strategic defense theory, all-out cyber conflict would take place only as an adjunct to either conventional or nuclear war.
Does this logic still hold? What about other types of attack? In the stand-alone form, cyber-attacks are launched from one Nation State to another without being a supplement to ongoing use of conventional or nuclear military force. These are “cyber-only” attacks. Not associated with a declared war, they often are anonymous. After all, a weaker attacker does not wish for a stronger power to know they are the source of the problem, because this would expose them to retaliation. To avoid a such a response, the smaller fry tend to “fly under the radar” in an effort to hide in the dimly lit vastness of cyberspace.
A new form of cyber-attack against the electrical grid has emerged in the form of a “non-shooting” war between Nation States. This type of attack might take place between superpowers as something that is short of use of conventional or nuclear force. Some argue that “non-kinetic” cyber-attacks are not an “armed attack” under international law and thus there is no right given to a Nation State for self-defense under Article 51 of the United Nations Charter. Consequently, they argue, this lowers the chance of kinetic retaliation. With less to worry about, the result has been a perceived relaxation of inhibitions governing the use of cyber-attacks by Nation States. For example, one observer has stated that under some circumstances, Russia might take steps to injure the American electrical grid in response to a move by the United States in support of the Government of Ukraine. Such a scenario might happen in this sequence: a) The separatist areas of Eastern Ukraine become involved in an internal fight with their Government; b) When violence escalates, Russia moves in to protect the majority Russian-nationality population, which perhaps is demanding a plebiscite on breaking away from the Ukraine and becoming an independent state or joining Russia; c) The United States makes the mistake of intervening in this civil war and launches a cyber-attack against the electrical grid of Russia or parts of it, such as a city; d) Having been attacked, Russia always responds, so it launches a counter cyber-attack against the mainland of the United States and takes out an equivalent part of the American Electrical Grid.
According to a commentator on Russian state television:
“I do not believe that this will be a large-scale hot war, like World War II, and I do not believe that there will be a long Cold War. It will be a war of the third type: the cyberwar.”
The damage inflicted would be short of conventional or nuclear war, and as expected for reckless national security advisors who have not seen real war, the barriers to adopting a strategy expressed as a cyber-attack against the electrical grid consequently would seem to be lower. This is a new development in strategic defense theory. It envisions a central war between the superpowers without resorting to conventional or nuclear forces. Instead, they will rely on cyber-attacks.
Cyber Has Automated Espionage
Cyber has automated espionage. It now is hundreds of thousands of times more effective than any other type of spying. Intelligence gathering is aimed at both the opponent’s Civil Society and government, including its military forces. Since the mid-1990s, a massive amount of information has been exfiltrated from even our most highly-protected and “secure” targets. The pilfered information covers a comprehensive range of topics including military, technological, political, industrial, strategic, personnel, and others. Cyber espionage has more than proven its worth. It is “cost effective.” This would be beautiful in another context, but here, it is the United States that has been the victim harmed the most. A paradox of cyber is that the most advanced Nation States are the most vulnerable to attack with this quirky and asymmetric weapon.
For the purpose of understanding cyber-attacks against the electrical grid, we must note an important sub-class of espionage – the practice of gathering up technical intelligence regarding the networks and interconnected devices within the territory of one’s opponent. At first, this sounds like a giant and overwhelming assignment, particularly if one is considering mapping and making sense of the networks within an entire Nation State. Indeed it is that. Nevertheless, with the use of automation, it is in fact possible to map such giant infrastructures, and even develop a database that contains basic information about many if not all of the connected devices. Of course with technological developments such as the Internet of Things (IoT), and IPv6, the number of inter- connected devices theoretically can approach 1027 devices per person, yet this vast number also is within the range of automated mapping.
Apart from the technological wizardry of automated mapping, this form of espionage has an important and serious function. It makes it possible to pinpoint the best targets to attack. Automated mapping can locate the Internet-connected control devices in an electrical grid. Once that is done, the identity of these critical devices can be determined. Their identity known, internal cyber-dependent components can be dissected. When a hacker knows how something works, they can figure out how to stop it from working.
Next, malware can be created, then inserted into the foreign infrastructure. In some cases, such malware is designed merely to be there in case it is needed. It remains dormant. This is a type of pre-positioning that allows a Nation State to have code ready inside the infrastructure of an opponent. It is safe to assume that the infrastructure of the United States has been mapped, penetrated, and is full of pre-positioned code from enemies ready to strike.
Even if there is no pre-positioning of malware, the use of cyber intelligence to identify key electrical grid control technologies has enabled enemies to write code that can be used to turn these devices into the equivalent of bombs.
You can read the entire PDF written by Dr. Edward M. Roche of the EMP Task Force on National and Homeland Security here as well as read it in full embedded at the bottom of this story below videos. (Click to Source)
We’re so happy to be able to offer you the highest level of Excellence
in a Comprehensive Telehealth Membership Plan
that just about everyone can absolutely afford.
The only thing you can’t afford, is to be without it!
PLEASE CLICK HERE FOR MORE INFORMATION!