Imagine the US was just hit with a cyberattack. What happens next?

conceptual illustration of eyes behind pipes - Daniel Zender

Imagine the US was just hit with a cyberattack. What happens next?
MIT Technology Review, October 24, 2019
Computing/Cybersecurity
By Patrick Howell O’Neill

“An oral history of a devastating strike that hasn’t happened yet.”

 

This moment had been 10 months in the making. But no one noticed until last week.

 

  • A group of well-resourced hackers have been combing through the networks of the gas pipeline operator for almost a year, harvesting crucial information. Now the hackers know the network better than the pipeline company does: every piece of equipment, the company’s entire workforce, usernames and passwords. They have the privileges needed to access both the firm’s desktop computers and the machinery of the pipeline itself. Now they are ready to strike.

The US has a lot of cyber-enemies. It trades blows with China, Russia, Iran, and North Korea on a daily basis. A full-blown cyberwar, thankfully, remains the stuff of theory and tabletop exercises. But what happens when one breaks out for real?

 

To better understand how it would play out, we talked to a number of experts in cybersecurity and national security. We asked them to consider hypothetical scenarios, including the one [above] in which unknown hackers have accessed the computers, networks, and hardware of gas pipelines in New England.

 

The potential consequences would range from espionage and intellectual-property theft to more devastating attacks that could leave Boston without power or, in the worst case, cause fires and life-threatening damage. What happens next—and whether it escalates into a real cyberwar—depends on who is on the attack, what their goals are, and how the US responds.

 

The variables at play mean there’s no telling exactly how this would go. But imagining the worst might help us better understand how conflict is changing, and let us plan how to act when cyberwar lands on our doorstep.

 

Our panel was made up of some of the US’s leading experts in cyberwarfare.

 

Sandra Joyce is senior vice president of global intelligence at the cybersecurity firm FireEye, the first company to openly name Chinese government hackers working against US companies.

 

Richard Clarke has worked in the administrations of Bill Clinton, George W. Bush, and Barack Obama. He was among the first high-level White House officials to focus on cybersecurity.

 

Michael Daniel was cybersecurity czar under President Obama. He now leads the Cyber Threat Alliance, a team of cybersecurity companies sharing information on threats.

 

Eric Rosenbach was the chief of staff to former secretary of defense Ash Carter. He led the Defense Department’s cyber activity and crafted the military’s cyber strategy.

 

John Livingston is the CEO of Verve Industrial Protection, a company that handles management of industrial cybersecurity for projects including natural-gas pipelines and other critical infrastructure.

 

Representative Mike Gallagher is a former counterintelligence officer in the US Marine Corps and now cochair of the Cyberspace Solarium Commission, a panel of experts charged with formulating a US cybersecurity doctrine.

 

Senator Angus King is a member of the Senate Select Committee on Intelligence and cochair of the Cyberspace Solarium Commission.

We spoke to all of our panelists individually, and their responses have been edited for length and clarity.

 

 

The good news is we’re the most wired country in the world. The bad news is we’re the most wired country in the world. That makes us the most vulnerable.

Read the Full Article »

About the Author:

Patrick Howell O’Neill is a cybersecurity journalist focused on topics ranging from national security to personal privacy.