We are in Cyber World War 3, but it hasn’t been formally acknowledged and it may never be. But, if you look at the facts, you can see the U.S. is being targeted… often. These attacks are being launched at Western corporations as well as critical infrastructure.
Iran has targeted banks and a dam in Rye, New York, and their activity could have resulted in a loss of human life. China attacked and stole 22 million OPM records on government workers, including the most sensitive date comprising sexual partners and family members. This can be used for blackmail very easily. Russia has attacked the Ukrainian electrical grid and was recently able to penetrate electric utility control rooms in the U.S.
The hackers, working for a state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into utilities’ isolated networks by hacking networks belonging to third-party vendors that had relationships with the power companies, the Department of Homeland Security said in a press briefing on Monday. Officials said the campaign had claimed “hundreds of victims” and is likely continuing, the Journal reported.
“They got to the point where they could have thrown switches” to disrupt the flow power, Jonathan Homer, chief of industrial-control-system analysis for DHS, told the Wall Street Journal.
“While hundreds of energy and non-energy companies were targeted, the incident where they gained access to the industrial control system was a very small generation asset that would not have had any impact on the larger grid if taken offline,” the DHS said in a statement Tuesday. “Over the course of the past year, as we continued to investigate the activity, we learned additional information which would be helpful to industry in defending against this threat.”
It may be a matter of time before these activities become classified as real acts of war instead of virtual ones but, in the mean time, U.S. citizens and corporations are on the front line.
Large businesses and those in certain spaces, like financial or medical, may consider the need for business continuity systems because of the industries they are in. Many small and medium companies, however, may not realize there is a new threat to the free flow of electricity in the West.
As a result, they are likely not prepared with UPS systems and other power protection solutions that can keep them up and running, regardless of the state of the electrical grid. Understanding the risks is the first step in ensuring your business is prepared. There is a new threat. It is Russia, China, Iran and other nation-states who are hostile to the U.S. and its interests.
In this war, all citizens and companies are on the front lines but, sadly, the current government shutdown has lowered the nation’s cybersecurity defenses, making the situation far worse. Every company should be aware of what could happen and prepare accordingly.
Edited by Erik Linask