How to Prepare for Nationwide Cyber Terror

 In early June 2021, millions woke to a massive internet blackout as countless websites across the world went completely dark, including Amazon, CNN, and even the U.K. government.

The source of the outage was traced back to U.S.-based content delivery company Fastly. In a statement to the press, a Fastly representative described the outage as a “global disruption.”

Unfortunately, with Russia facing possible sanctions from the U.S. should the Russian military invade Ukraine, U.S. experts fear a cyberattack against our country in response.

According to Fox News, “A top cybersecurity official Saturday warned that the U.S. is ‘already in a warfare state’ with Russia and said it should prepare for cyberattacks coming out of Moscow.”

In the same article, R.P. Eddy, CEO of cybersecurity firm Ergo, says, “What is Russia’s next move? [Its] very likely to increase cyberattacks. It’s an easy move for them. That means U.S. states and U.S. private companies need to be taking this very seriously.”

Take a minute to reconsider the chaos in June 2021 when Fastly suffered an outage. Then, several major websites, including government websites, went down for several hours, hindering business, communication, and more.

A cyber attack from Russia has the potential to do much worse damage.

Fox News explains, “The cyber expert pointed to the 2017 NotPetya malware attack on critical Ukrainian sectors including power grids, businesses and government agencies. But what started out as a component of a suspected Russian attack on Ukraine spread throughout Europe and reportedly cost billions.”

A Troubling Upward Spike

This threat comes in the wake of other high-profile breaches like the Colonial Pipeline and JBS cyberattacks that shut down oil and meat production across the country. While these have been the most widely publicized incidents, they’re just two examples of the many attacks perpetrated over the past few months.

January 2021 saw more data breaches than the entirety of 2017 – a record that was quickly topped in March 2021, which some have called “the leakiest month we’ve ever seen.”

And while most breached data services have managed to recover relatively quickly, many in the security community are concerned that it’s only a matter of time until a cyber attack causes a significant catastrophe. As former Secretary of Defense Leon Panetta put it, “the next Pearl Harbor could very well be a cyber-attack…as destructive as the terrorist attacks of 9/11.

Why Is This Happening? 

We’re seeing such a massive spike in cyberattacks this year. There are several reasons why cyber criminals and countries are turning to cyberattacks for subversive purposes.

Covid

The pandemic opened the flood gates to cyber terror. Cybercriminals quickly seized the opportunity of the sudden remote workforce and seized new security vulnerabilities. For instance, LinkedIn turned into a cybercriminal hotspot. In April 2021, they suffered a massive data leak that affected 500 million users with personal information scraped from the site.

t’s Surprisingly Easy

Groups create and sell software, so you don’t have to be a tech expert to execute it. Or groups of IT criminals can hire their services out to the highest bidder.

The Terrorists Rapidly Outpacing Governments Defenses

Governments and the bureaucracies that make them up tend to be reactive to threats. We saw this after 9/11, and we’re seeing it now. The U.S. government is just now starting to work defensively rather than reactively regarding cyber threats, such as ransomware. According to IoT World Today, “U.S. Department of Justice in April 2021 created a ransomware task force, after declaring 2020 the ‘worst year ever for extortion-related cyberattacks.”

Bad Actors Are Emboldened by Recent Success

A bad actor is essentially an entity or group that attempts to breach a computer’s security system. Bad actors may be cyber criminals, government-sponsored espionage, or cyber terrorists. The problem is that one group of bad actors could successfully breach a system and cause chaos while another group is already on the way to generating a different type of disruption.

Deep Instinct explains, “[Bad] actors are successfully staying ahead of the curve by constantly reinventing themselves. Each new barrier placed in their way becomes a learning opportunity, forcing criminals to switch tactics and target companies with new attack methods and vehicles. It becomes a game of cat and mouse, but one where the cat keeps changing form, so the pursued mouse is never certain of what it is defending against.”

Small Governments and Bad Actors Have a Big Leg Up

According to the CEO of Fire Eye, “And I don’t know if you will get people to agree to rules on espionage because of the asymmetry where most countries can’t beat us with tanks, can’t beat us with airplanes. But in cyber, maybe that’s where they can make investments and beat us.”

With the use of the internet, social media, and propaganda, countries like Russia and China are already well on their way to gaining footholds in countries like America.

They employ 5th generation warfare tactics to instill fear and create chaos without citizens realizing it is happening until the damage is done.

How to Prepare Today for the Inevitable

When it comes to prepping, you can’t just lump cyberattacks into one big disaster. An attack can take many forms, and you need to be prepared for each. Here are some examples of cyberterror events that could occur on a national scale:

Power

One of the most enormous sitting ducks is the fragile U.S. power grid, which the Government Accountability Office (GAO) says is increasingly vulnerable to cyber-attacks. A major power outage of just a few hours would cost untold billions of dollars in damage. A few days without power would cost many American lives.

The Fallout: Look back to the Texas Power Grid Failure in 2021. KSAT reports, “Four minutes and 37 seconds. That’s how close Texas came to a catastrophic power grid crash during February’s winter storm that would have left more than 25 million people in the state without electricity and wiped out cell service for weeks.” However, it did leave millions of people without power during extreme winter weather, resulting in the deaths of hundreds of people.

While this wasn’t a cyberattack, it could very quickly happen in any other state during the hottest or coldest months of the year.

How to Prepare:

  • Invest in solar power tools.
  • Purchase alternative light sources.
  • Stock up on storable food.
  • Know how to make clean water without power. 

[Related Read: Surviving a Year-Long Blackout: Lessons from Puerto Rico & the USVI] 

Oil

On February 1, 2022, Reuters reported, “Shell said on Tuesday it was re-routing oil supplies to other depots following a cyberattack on two subsidiaries of German logistics firm Marquard & Bahls this week.” We already know this can happen here. A single leaked password allowed the largest petroleum pipeline in the U.S. to be hacked in May 2021.

The Fallout: We saw a lot of this play out with the Colonial attack, but next time could be even worse. People waited for hours to get gas after the Colonial attack, and prices skyrocketed. This was simply a ransomware attack, so it’s not out of the realm of possibility.

How to Prepare:

  • Always keep your gas tank at least half-full.
  • Stock up on long-term emergency food.
  • Familiarize yourself with different routes.

Food Chain

Our supply is vulnerable for many reasons, as Covid laid bare. We could not get food from other countries as we were accustomed to, and transportation of food within the U.S. was crippled. Not to mention the many choke points in the supply chain that can lead to mass disruption. If cyber terrorists attack one of the critical choke points, such as the Suez Canal, we would be up the creek without a paddle.

The Fallout: Look back to the pandemic to see how difficult it became to find meat and consider what would happen if cyber terrorists attacked a significant manufacturer or blocked a choke point in the supply chain.

How to Prepare: