OPINION:
Two weeks ago, a cyber strike hit numerous Ukrainian government websites, defacing them and interrupting access. The culprits placed a message on the sites warning Ukrainians to “be afraid and expect the worst.”
Even with the surge of cyberattacks we’ve seen over the past year and with the continual rise in the sophistication of said attacks, it is unfortunately almost certain that we have yet to see what “the worst” will entail.
In late 2015, Ukraine was hit with a cyberattack on its critical power systems, leaving over 200,000 homes without electricity, with temperatures below freezing, for hours. In the years since, Ukraine has experienced thousands of cyberattacks. It is almost certainly the case that Russia is behind these attacks.
Notably, it was reported just days before this month’s attack that the United States and Britain had been quietly sending cybersecurity teams to Ukraine to defend against potential cyberattacks from Russia.
It is fitting that the United States would offer this kind of assistance: The International Institute for Strategic Studies released a report this year naming the United States as far and away the most cyber-capable nation, in a tier of its own, with adversaries such as Russia and China in a distant second tier.
Even still, the assistance from the United States was not sufficient to guard against this month’s attack in Ukraine. Moreover, on the day before Ukraine’s attack, an attack in Albuquerque, New Mexico, closed down public schools and shut off the cameras in a local jail.
In some ways, the attacks employed by hackers, whether conducted by nation-states or by criminal organizations, are similar to the techniques used by guerrilla warfighters. Practitioners of cyberwarfare, especially when attacking operational technology, physical assets, and industrial processes, can conduct devastating and effective attacks that are low cost, low difficulty and relatively low risk.
As with guerrilla warfare, even (and maybe especially) the most sophisticated nations are thus vulnerable.
The warning “be afraid and expect the worst” may seem an overly ominous and even sensationalist perspective to take to heart. However, when one considers the grave implications of critical infrastructure — power plants, nuclear plants, pipelines and refineries, etc. — being struck with these kinds of attacks, “expecting the worst” begins to sound like practical advice.
As such, it is sensible that the U.S. is attempting to make cybersecurity a priority. As part of the recently passed trillion-dollar infrastructure bill, Congress now aims to invest $1.9 billion in cybersecurity measures. Included in this is a $1 billion grant program to modernize systems and provide assistance to local and state governments to protect them from attacks from malicious actors. Additionally, it will provide funding to the office of the National Cyber Director and myriad other programs and offices.
This is a good start but ultimately falls short. If the U.S. hopes to defend against the kinds of operational technology attacks rapidly approaching on the horizon, which could cripple the very systems on which everyday citizens depend, there must be a greater focus on operational technology-specific protective measures. These types of measures include securely designed network segmentation, use of unidirectional security gateways, secure scheduled updates and very secure remote access systems. Without meaningful and smart investments in these technologies, the U.S. leaves itself vulnerable to future threats much greater than these recent attacks in Ukraine.
• Lior Frenkel is CEO and co-founder of Waterfall Security Solutions.