What’s the first thing you think about when you hear the word “terrorism”?
I’ll bet images of bombs and explosions went through your mind — maybe thoughts of 9/11 or Paris as well. That’s no surprise. That’s how we’ve illustrated the word for a long time. But we cannot rely on that illustration alone anymore.
A terrorist’s main goal is to harm others, all the while finding new ways to accomplish it. After every single terrorist attack, the result is brand new rules, regulations and practices that enhance security measures aimed to prevent a similar incident from occurring again. But there’s a new frontier for terrorists where there are very little guards or restrictions — the internet.
For years now, we’ve talked about how identity thieves don’t need to swipe a purse or wallet to conduct their lawless deeds anymore. They can do it from miles away, with no direct contact with the person, and they can do it in a matter of seconds.
So if the “kid in his basement” we like to imagine can hack into your vital information, why can’t a terrorist halfway around the world do it?
The warning signs are right in front of us. In December 2014, Chinese hackers breached the computer system of the Office of Personnel Management, compromising the identities of millions of federal employees. A year before that, Russia compromised White House and State Department e-mail systems in a campaign of cyber espionage. Then of course there’s North Korea’s alleged hack of Sony Pictures amid the release of The Interview.
But those weren’t done by terrorists. And identities of federal employees only scratch the surface of national security breaches. But as more of the things that run our world become computerized, the more they are put at risk.
The events of 9/11 happened because a handful of men were able to bypass airport security, successfully take over control of airplanes, and fly them into buildings. But what if instead of boarding and hijacking the craft, one could just hack into its computerized counsel and take it wherever they wanted to? Security researcher Chris Roberts claimed to have partially taken control of a plane he was on last year.
While the evidence of this hack is sketchy at best, there are bigger targets that impact more people that can make the far-fetched plot of Red Dawn seem a little less far-fetched. What if a terrorist group was able to seize the systems that keep our power on, purify our water; and control our money, factories and communication lines? The only thing scarier is that they already have.
About a dozen times in the last decade, sophisticated foreign hackers have gained enough remote access to control the operation networks of our power grid, according to top experts who spoke to The Associated Press.
The AP discovered through a yearlong process that a real cyber attack on Calpine, America’s largest generator of electricity that serves customers in 21 states and Canada, resulted in a frightening breach of information. Hackers gained access to detailed engineering drawings of networks and power stations from New York to California — 71 in all — showing the precise location of devices that communicate with gas turbines, boilers and other crucial equipment attackers would need to hack specific plants. The hackers also obtained additional diagrams showing how those local plants transmit information back to the company, meaning attackers could hide their activity.
In 2013, hackers accessed the control system at the Bowman Avenue Dam, a small flood-control structure in Rye Brook, about 20 miles north of New York City. In March, U.S. Sen. Chuck Schumer, who attributed the attack to Iran, called it a “shot across the bow” and claimed that the hackers “were saying that [they] can damage, seriously damage, our critical infrastructure and put the lives and property of people at risk.”
While a small dam may sound insignificant, it’s only the beginning of a new kind of warfare that we are just now really starting to understand. And while no such hacks have caused any large power blackouts or communication cuts, those who conduct these attacks are gaining knowledge through these smaller attacks on how to possibly strike a larger cyber blow on the U.S.
Such a blow would be a perverted convergence of 21st century technology and medieval war tactics like blockading enemy ports and bombing factories and railroad lines to cut off crucial food and supply lines to the people. And that can be very effective.
No more do our enemies need to strategize plots to gain access to weapons or build explosives. No more do they need to find sneak through borders or airport security. They can use the ultimate weapon — the maximum amount of destruction with the minimum amount of effort.
If the motivation is there for those who want to harm us, they will always find a way. We need to combat those efforts with our own motivations to protect our computers that protect us. If we don’t, we’ll have a serious problem — a problem that hitting “refresh” is not going to fix.