What Caused the Texas Blackouts?
Mother Nature did this time, but it could be Mother Russia next.
Pop! Rather BRR…
Massive blackouts, freezing temperatures, and a toxic water supply sent millions of Texans into chaos. It seems like Mother Nature got the best of Texas, wiping out the entire power grid, distorting financial markets, and sending millions to seek refuge. (For Senator Ted Cruz of Texas (R), an opportunity to go to Mexico).
Mother Nature keeps taking advantage of America’s failure to upgrade and maintain her internal infrastructure.
What if next week or next year, Mother Russia, not Mother Nature, shuts down our internal infrastructure?
Merry Christmas.
On Dec 24, 2005, Mother Russia did in 1 day what Rami Malek tried to accomplish for 4 seasons! The first cyberattack against a major electrical grid was conducted far away from any active battleground, on a day when most Ukrainians are eating borscht and drinking vodka.
Silly Putin, tricks are for kids.
Did I mention Putin takes things literally? State-backed Russian hackers, most of whom are under the age of 25, shut off 30 power substations (seven 110 kV substations and 23 35 kV substations), leaving about 230,000 people in total darkness for up to 6 hours. The Kyivoblenergo cyberattack was Moscow’s first successful asymmetric campaign. Its long-term plans of reclaiming Crimea became a reality in March of 2014. The most amazing statistic was that not one individual died during this takeover.
While America had boots on the ground on two fronts in Afghanistan and Iraq, Russia was already deep into a major cyberattack.
Targeting American Nuclear, Thermal, Water, Electric systems.
Targeting Silicon Valley, Wall Street, and America’s Industrial Belt.
For the past 20 years, America has been at war. Not in the Middle East, but over the Internet.
Wars are no longer declared, and having begun, proceed according to an unfamiliar template. - Chief of the General Staff of the Russian Federation Armed Forces.
You’d find it weird that President Trump in 2016 sanctioned over 20 Russian individuals and a handful of companies for a “multi-stage intrusion campaign by Russian government cyber actors.” This was the first time in US history that the US Government blamed the Russian Federation for a cyberattack on US soil. It wasn’t just name-calling; the U.S. Treasury Department imposed sanctions on Moscow’s intelligence services as well.
It’s easy to think that cyberwars take place apart from other conflicts, that somehow the Internet is divorced from the reality on the ground. Militaries creating Air Force units in the early 1900s felt the same: dogfights in the air were just battles happening in the air, much like how infantry fight each other from trench to trench. It was not until WWII that the concept of a universal battle space, “air, land, sea,” emerged. Russia’s modern battle with Ukraine is not just “air, land, sea” or a conventional war. It’s the first battle to merge conventional elements with unconventional ones such as cyberattacks, social media propaganda, misinformation, and deception. Putin unleashed every possible element of chaos he could in Ukraine. He showed the world how effectively blending “air, land, sea, cyber, and psychological” elements in warfare could lead to unlimited potential, with minimal loss. Each element of this strategy complements the others, allowing Putin to project Russia’s power around the globe, even when it is outgunned and outspent.
Stalin would have loved Twitter.
Every day, Russia is proving that it doesn’t need the biggest weapons to prove its strength, but the fastest weapons to sabotage, discourage, and diminish the attractiveness of the West’s society, culture, economy, and civic discourse.
Since at least March 2016, Russian government cyber actors—hereafter referred to as “threat actors”—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.
The threat actors, known as Dragonfly, used emails disguised as an invitation to a New Year’s Eve party to unleash their malware on intended targets.
Other campaigns conducted during 2016 and 2017 used spear-phishing messages specifically designed with content related to the energy sector. NCCIC and FBI judge the ultimate objective of the actors to be the compromise of organizational networks, also referred to as the “intended target.” In multiple instances, the threat actors accessed workstations and servers on a corporate network that contained data output from control systems within energy generation facilities. Russian hackers are able to shut down energy generators thousands of miles away. The threat actors accessed files pertaining to ICS or supervisory control and data acquisition (SCADA) systems. They targeted and copied profile and configuration information for accessing ICS systems on the network, sending them to Russian intelligence servers.
From the NSA headquarters at Fort Meade to national laboratories that once created the atomic bomb, American scientists and engineers are struggling to maintain a lead. The challenge is to think about how to defend civilian infrastructure the US does not control, and private networks where companies and citizens often don’t want the government lurking, even if it might be to protect them.
Pop Goes the Weasel
The Snowden leaks had major consequences.
For the first time in post-World War II history, corporate America refused to work with the US Government. The Snowden leaks revealed that the NSA was indeed spying on major US technology firms, or at least trying to. Google was hardly the only target of the NSA, but it was outraged when security engineers found out the NSA was trying to siphon off Internet communications of all types. Tim Cook at Apple, a close friend of President Obama, was shocked to realize his good friend had ordered the NSA not only to siphon off internet communications but also to encourage the FBI to begin a public campaign pressuring Apple to give US law enforcement agencies full access to its encryption systems. Cook argued back, stating that the “US Government is demanding a back door to US citizens’ everyday life. Your messages, your health records, your pictures to your spouse,” and in September 2014 announced that every single piece of user data would be encrypted.
The division between Silicon Valley and the US Government is not good for the American people.
Strife between policymakers on enforcement and data security leaves American citizens, businesses, and infrastructure unbelievably vulnerable, simply due to inaction for the past 20 years.
While Senators and Congressmen consume their time by yelling at Mark Zuckerberg about the size of Facebook’s like button during congressional hearings, Russia was busy hacking Silicon Valley’s top cybersecurity firm, FireEye.
The Russian hackers used a “novel combination of techniques not witnessed by FireEye or our partners in the past” to steal hacking tools used typically by red teams, which are tasked with launching authorized but offensive hacking campaigns against customers in order to find weaknesses or vulnerabilities before malicious hackers do. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to their customers.
Putin strikes again, but this time it’s December 2020. By hacking FireEye’s cyberattack analysis tools, Russia is gaining incredible data on how the US and its industries protect themselves against cyber threats.
If Silicon Valley and the US Government worked together, would the 2020 FireEye attack occur? Would the 2020 SolarWinds hack occur? Unequivocally YES!
A Level Playing Field
Foreign militaries have watched the United States with great interest over the last thirty years, and, in some ways, they have mimicked the U.S. approach. This is not surprising, given U.S. conventional successes. Their efforts now include dedicated efforts to use cyberspace for military purposes. As a recent chairman of the US Joint Chiefs of Staff pointed out, more than twenty foreign states have created organizations specifically to integrate cyber operations into conventional planning. Why wouldn’t they? It is natural that they should seek to exploit cyberspace to gain a battlefield advantage over rivals, especially given the shrinking boundary between the digital and kinetic worlds. For military planners, the cyber temptation may prove irresistible.
Cyber is the new Nuclear. There, I said it.
Yet, the nature of the domain cuts in both directions. The peculiar attributes of cyberspace create opportunities for attackers, to be sure, but they also include a number of technical, organizational, and political constraints. Moreover, the operational possibilities of cyberspace also create a number of strategic dilemmas. Even perfectly executed cyber campaigns, just like a nuclear campaign, may produce unexpected and unwanted strategic results, and these problems go beyond the familiar fears about wartime escalation.
The Allure of Cyberspace
It isn’t hard to understand why leaders expect cyberspace to play a central role in future conflict, or why they are enthusiastic about going on the offensive.
U.S. rivals are keen to find ways of overcoming their relative material weakness. They might believe that cyberspace operations will reduce U.S. advantages, especially if they can disrupt the elaborate communications infrastructure the United States needs to project power over vast distances.
Aggressive operations at the outset of a conflict would put U.S. forces on the back foot and force policymakers into a hard choice about whether to rebuild and advance against committed defenders.
The logic here is akin to Japan’s strategic calculus before Pearl Harbor, but with the benefit of seizing the initiative without having to do something so provocative.
Chinese military doctrine emphasizes the importance of controlling information in the early stages of any conflict and focuses on what it takes to win under “informatized conditions.” The 2001 edition of the Science of Military Strategy, a highly influential statement published by the People’s Liberation Army, states that precision strikes at the outset of war could “paralyze the enemy in one stroke.” China seems to believe that it cannot win if it does not “seize and control the battlefield initiative, paralyze and destroy the enemy’s operational system of systems, and shock the enemy’s will for war.”
Russia has also moved toward integrating cyberspace operations into conventional offensives, albeit with mixed results in Georgia and Ukraine. For Russian strategists, cyberspace operations disorient and demoralize adversaries before conflict begins and help to neutralize enemy command and control systems afterward.
U.S. allies are developing their own ideas about how to combine cyberspace operations with traditional warfighting, viewing the domain as both a threat and an opportunity.
British Army doctrine, for instance, notes that threats are increasing “as we and other actors become more and more reliant on sophisticated information services.” At the same time, efforts to merge cyber and kinetic operations create new opportunities to debilitate adversary systems, achieve tactical surprise, and control the scope and pace of conflict.
American defense officials also assume that cyberspace operations will play a central role in future conflicts, especially in the early days of the war.
Their public statements indicate that a process to merge cyber and conventional missions is already underway. Although U.S. Cyber Command has spent a great deal of time developing an approach to the competition below the line of armed conflict, it also emphasizes “fully integrating cyberspace operations into combatant commander plans as well as existing boards, bureaus, cells, and workgroups used to plan and execute warfare.” Meanwhile, the regional combatant commands “must identify their requirements for cyberspace operations both as supported and supporting commands in support of this campaign planning effort.”
All of this represents a growing recognition of the link between cyberspace and the physical world. It makes no sense to segregate planning for cyberspace from air, land, and naval operations because the latter cannot operate without the former. Further, cyberspace operations work through physical assets — cables, power stations, server farms, and so on.
Discussions of virtual space and cloud computing obscure the fact that digital information moves through a physical infrastructure. Success requires more than clever code.
It means making sure that the code can reliably travel to its destination. Joint publications note that cyberspace operations can extend operational reach, but, without careful planning in advance, cyber and kinetic attacks may work at cross-purposes.
However, the enthusiasm for cyber operations goes beyond the practical need to secure infrastructure. For policymakers and planners, cyberspace operations suggest a low-cost route to quick and decisive victories. Instead of relying on overwhelming force, cyberattacks undermine an enemy’s ability to mount a coherent defense. Modern militaries are efficient because they coordinate their activities in cyberspace, but this also makes them vulnerable.
In theory, well-designed information attacks will cripple their intelligence and communications before serious combat begins, turning an otherwise bloody battle into a lopsided rout. Armenia understood this well.
These visions of victory, however, might prove to be elusive.
Because cyberweapons must be tailored to the configuration of specific networks and machines, very detailed intelligence is required for effective operations.
Conventional munitions can be fired anywhere, but digital payloads are only effective against specific targets. This intelligence is hard to obtain and easy to lose.
Reasonably capable defenders implement routine updates and change configuration settings in ways that frustrate attackers. Firewall modifications, computer resets, and equipment transfers have similar effects. There are many other ways to lose access, some of which are beyond anyone’s control.
A flood at a target state’s server facility, for instance, may require a temporary shutdown and replacement of hardware. Is it safe to assume that the U.S. is vulnerable? Is it safe to assume the U.S. citizen is vulnerable?
Unequivocally YES!
Just remember to have a solar-powered flashlight if the power goes out next time.