This post is from my series of short essays on cybersecurity.
Before I start discussing technology and challenges in digital world security, let’s take a brief look at why cybersecurity is connected to everyone’s life. The last ten years have been revolutionary in terms of the information revolution and building a connected world. By the connected world, I mean not only people connected on social networks, but connected systems and processes that impact each of us, like the power grid, health care, supply chains, connected cars, etc. We are moving very fast into a world where everything is connected and exchanging information at the speed of light. With Internet of Things (IoT) devices, it is easy to orchestrate interconnected physical systems with the power of algorithms. In many cases, these interconnected systems are physically thousands of miles apart. Analysts have estimated that we have 25 billion networked devices, embedded throughout our homes, clothing, factories, cities, vehicles, buildings, and bodies. The count of networked devices is estimated to be 50 billion by 2030. A networked world is also an opportunity for attackers to launch high-impact attacks. The recent SolarWinds attack demonstrated how an attacker can penetrate thousands of servers from a single source such as a patch delivery chain, which is known as a supply chain attack. Adversaries don’t even need to spend time searching for vulnerabilities in individual networks. It will still take several years to understand the full impact of the SolarWinds attack, and some of the impact may never be determined.
IoT has abolished the gap between digital information and physical reality. Nation-state-level attacks can not only cause serious damage to infrastructure, but could also be a strategic advantage to an enemy nation in wartime. Advanced Persistent Threats (APTs) are sophisticated attacks sponsored by states. One of the best-known examples is the 2010 Stuxnet attack. This highly sophisticated worm traveled on USB sticks and spread through Microsoft Windows computers. The goal of the worm was to find and target particular Siemens Programmable Logic Controllers (PLCs). These PLCs were wired to centrifuges at Iran’s uranium enrichment facility. The worm then altered the PLCs’ programming, resulting in the centrifuges being spun too quickly and for too long, damaging or destroying the delicate equipment in the process. While this was happening, the PLCs told the controller computer that everything was working fine, making it difficult to detect or diagnose what was going wrong until it was too late. Since then, several mutations of this worm have become a threat to industrial and energy infrastructure across the globe.
As we enter a highly connected world, threats from cyber attacks are also becoming more fearsome. State-sponsored attackers have sophisticated levels of expertise and significant resources. They could be funded by an enemy nation or a large organization with the aim of destroying or disrupting infrastructure or stealing information. Anyone familiar with Russia’s war with Ukraine must remember that in the year 2015, waves of cyber attacks struck Ukraine’s government, media, and transportation. Eventually they also badly hit Ukraine’s power grid and caused the first ever blackout caused by hackers. Attackers were able to turn off the power for thousands of citizens, disrupt the seaport’s operation, and bring the supply chain to a standstill.
As Jared Diamond discussed in his book “Guns, Germs, and Steel – The fate of human societies”, some civilizations empowered with technological advancements like guns and metallurgy were able to dominate other, larger communities that lacked them. Whether we like it or not, cyber war is a real phenomenon; during a full-scale war, countries will use it to gain a strategic advantage by disrupting or destroying the enemy nation’s infrastructure. Nations or companies that are not prepared to build defenses to handle these attacks will be the most vulnerable.