In 2021 there were numerous well-publicized cyberattacks. One example is the Florida TeamViewer water treatment plant attack. In February of 2021 a water treatment facility in Oldsmar, Florida had a computer breach. Once the attacker gained access to the facilities network they increased the amount of sodium hydroxide in the water by 100 times. The significance of this event cannot be overstated. With that level of sodium hydroxide in the water, it could have caused serious illness and death. Luckily the attack was caught in time.
Another attack that occurred in early 2020 involved the company SolarWinds. In this event, hackers infiltrated the SolarWinds network and deposited code into the companies software system. According to SEC documents, approx 33,000 companies use the SolarWinds software. In March of 2020 SolarWinds sent out a software update and as customers began the update installation they unknowingly allowed hackers access to their computer networks. Microsoft, Intel, and Cisco were hit, as were federal agencies such as the Treasury Department, Justice Department, and the Pentagon. It should be noted that the country of origin for the hackers – Russia.
Cyberattacks in 2022
With the pending invasion of Ukraine by Russia, many believe we are in grave danger of more cyberattacks this year. Why? The United States and other NATO countries have threatened Russia with severe sanctions should the invasion occur. It’s expected that Russia will respond not with weapons of war, but with weapons of cyberwarfare.
According to Fox News, “A top cybersecurity official Saturday warned that the U.S. is ‘already in a warfare state’ with Russia and said it should prepare for cyberattacks coming out of Moscow.”
The damage that can be unleashed in a cyberattack is truly unlimited.
Consider the following two scenarios
Banking
A locking malware attack infects 80% of computers and networks within the company Comerica Bank. Comerica is one of the country’s largest credit card processors and facilitates many state EBT transactions. Their network comes to a screeching halt on April 12th, 2022. Backup servers are infected as well and the entire system will have to be rebuilt from scratch. The estimated minimum time to get back to full operation is 4-6 weeks.
All customer debit, credit, and EBT cards cease to work. Comerica customers call customer service and receive an automated message telling them that services have been temporarily interrupted. News of the malware attack spread across social media and news outlets. Millions of EBT beneficiaries who depend on the government funds on their cards to buy food find themselves unable to buy anything. Within 48 hours protests erupt in Atlanta, Dallas, Pheonix, and several other large cities as EBT recipients became outraged as “their money” can not be accessed.
States rush to calm nerves as the protests grew in numbers and riots began to occur. Promises to get people “their money” were made, but patience was needed as getting the financial systems set up to have a new processor provide the funds would take some time. How much time? Another week was suggested, but, to those who had empty refrigerators and no milk for their children, the announcement left them more outraged. Violence grew as grocery stores became the target of crowds of people who filled carts and stole all they could. Interestingly, the majority of those participating in this mob theft weren’t even EBT recipients.
By April 24th, 2022 most states have switched to a new financial institution for their EBT programs. Payments are made and the rioting ceases. The damage has been done. Hundreds of people have been injured or killed. Billions lost as a result of property damages.
Power Grid
On March 7th, 2022 at 11:00 am EST a cyberattack reminiscent of the Stuxnet attack of 2010 is carried out in the New England area of the United States. Numerous electrical generating and distribution facilities are infected. What happens within minutes is a combination of equipment which is damaged and network systems that are crashed thereafter. The result: Major portions of New York, Massachusetts, Connecticut, New Jersey, and southern New Hampshire and Vermont are without electricity. Millions of businesses and households are without electricity. Hospitals are on backup generators. Gas stations cannot pump. Grocery stores cannot sell food and food in freezers begin to thaw. Traffic lights no longer work and traveling through cities and towns of any size is problematic at best.
After 7 days nearly 50% of those affected have power returned, however, millions still remain in the dark. Rerouting power has brought power to some dark areas but damaged equipment must be repaired. It’s estimated those repairs will take several weeks to complete as the country is scoured for parts.
Many grocery stores were raided by mobs of locals who went in and took what they needed – and what they didn’t as they had no way of paying for anything. This occurred across the affected states and resulted in riots, and many assaults and murders. Those with less-than-ideal morals took full advantage.
On a positive note, there were several stories of neighborhoods and even some small grocery chains that had massive cookouts with food that was thawing from freezers and was going to go bad due to a lack of refrigeration.
This event did not just affect these New England states. With many financial institutions shut down, numerous financial transaction centers went down as well ceasing millions of debit and credit purchases temporarily. The financial impact on the economy is devastating and it will take years to truly see the impact.
Preparing for Cyberattack
Preparing for a cyber attack that may affect the power grid, financial institutions, transportation, logistics, supply chains, etc revolves around the basics:
Food/Water
Fuel for Vehicles
Cash
Defense
Communication
Medical and First Aid
Seasonal and Geographical Considerations
All that could and should be done within the above categories would require commentary well beyond the scope of this post. In summary – consider what is normally needed on a daily, weekly, and monthly basis and stockpile.
With the issues going on between the United States and Russia as well as China we need to be prepared as cyber warfare will most certainly become something that threatens our way of life sooner rather than later.
Hold on, folks. We may be in for a hell of a ride in 2022.
Rourke
I suppose that Russia is that threat. They have been by assessment for quite a while. You can’t ignore China either .. they are even more capable or at least as much.. State actors are more than two of course.. I suppose there are also No-State actors in the mix that could make it a confused mess … Brute force takes infrastructure.. Vulnerabilities do not, depending on the vulnerability of course.
GG58
I think you far underestimate the recovery time from attacks on the grid. They will go after the main transformers which take years instead of weeks or months to replace and they come from Asia. I have a charter client who is THE guy in charge of importing those things.
I understand your perspective but that was not the scenario provided. You are 100%. That is what makes the threat of EMP so significant – regardless of how likely or unlikely it actually is. Same goes for a solar flare.
What is so very frightening is the fact that the vast majority of Americans and citizens of the world in general are infected with a terminal case of
Normalcy Bias.
The threats mentioned are not wild conspiracy theories.The possibilities are
real and becoming more likely with each passing day.
Most of our friends and relatives have their heads buried in the sand and
absolutely refuse to consider that anything really bad will ever happen.We
care about them but I don’t think that there is much we can do to help.
I’m going to pass this on to the family members and friends that I value but
I can already feel the eye rolling and head shaking.This is a defeatist attitude I know.However many folks have to get bitten in ass before they can understand that the dog is mean.
Thank you for articulating the the various scenarios so well.Maybe we can
get a few people to wake up and pay attention but it is getting very tiresome pissing into the wind.
CaptTurbo is correct on the recovery time.