371. In the Crosshairs: U.S. Homeland Infrastructure Threats

[Editor’s Note:  With Congress’ passage and President Biden signing the bi-partisan Infrastructure Investment and Jobs Act last month, Army Mad Scientist is training its sights on infrastructure vulnerabilities that could be targeted by our adversaries.   The advent of the Internet of Things (IoT) and the proliferation of autonomy means a plethora of ever-smaller wireless internet and cellular antennae, paired with smaller and more prolific sensors, are embedded across public and industrial infrastructure.  This web of networked sensors has, per Chris O’Connor in his superlative post Warfare in the Parallel Cambrian Age, created “an interface between the physical and cyber domains of warfare” that is ripe for exploitation. Our adversaries now present a hemispheric threat, capable of exploiting this broad attack surface across the U.S. homeland, with potentially catastrophic kinetic effects, all the while maintaining plausible deniability.  Read on to learn more about this threat!]

Russia and China present a hemispheric threat to the U.S., having invested heavily in offensive cyber capabilities to gain an outsized advantage against U.S. military, civil, and economic targets in the homeland with limited attribution.

SCADA (Supervisory Control and Data Acquisition) systems are computer-based networked systems that gather and analyze real-time data to monitor and control infrastructure-related critical and time-sensitive processes and events. U.S. SCADA systems — controlling electrical grids, water and sewage supply and treatment facilities, mass transit and rail, traffic controls, telecom and IT networks and systems, and more — lack appropriate cybersecurity protocols and defense capabilities to fend off threats from extraction tools, arbitrary code attacks (RCE), and denial of service (DoS) attacks.

As U.S. cities (and installations) become increasingly “smart” and hyper connected, their threat surface grows exponentially. Power grids, pipelines, water distribution systems, and traffic control systems that are operated and monitored by advanced, automated systems (e.g., NOLAlytics in New Orleans, Metro21 Project in Pittsburgh) require increased connectivity and data storage capacity and capabilities – often relying on cloud services – which provides an opening for malignant cyber actors (Russia and China).

Hospitals and medical centers are especially vulnerable to ransomware and cyber-attacks that compromise sensitive patient data, critical life support systems, and operating capabilities.

Russia has been identified by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) as the most prominent global malicious state cyber actor. Russia’s 2017 NotPetya cyber-attack on Ukraine spilled beyond its target to inflict massive economic damage worldwide, crippling international shipping giant Maersk and causing an estimated $10 billion in economic damage. Russia had launched similar attacks previously — against Estonia in 2007 and Ukraine in 2015.

Russia also sanctions, or at least condones, cyber-attacks and ransomware operations by cybercrime and hacking groups that originate in the Russian Federation. NOBELIUM, a state-connected hacking group, responsible for the massive SolarWinds hack, is assessed to be conducting a broad, large-scale attack campaign against global supply chains, IT networks, and DoD systems. While Russia does not appear to have sponsored the cybercrime group DarkSide’s ransomware attack on the Colonial Pipeline, it makes no effort to prevent or deter the operations of such groups in its territory.

While China has been far less brazen and confrontational in its cyber approach than Russia, the PRC poses a significant and complex long-term cyber threat to the U.S. and its infrastructure. Beijing has largely used its cyber prowess and capabilities for espionage and technology theft.

China continues to build up a substantial cyber-attack capability with a whole-of-nation approach that includes hacking and attack groups across the People’s Liberation Army (PLA), civilian government, and even “private” student groups. China is mapping and targeting networks across a variety of U.S. industries and organizations – healthcare, financial services, defense industrial base, energy sector, government facilities, chemical plants, critical manufacturing, communications, international trade, education, legal, and even video gaming – in preparation for a possible future “zero-day” attack.

According to an assessment from the President’s National Infrastructure Advisory Council, current U.S. government and military cyber defense capabilities are disconnected and scattered across a wide swath of agencies, departments, and sub-units in a complicated labyrinth that is extremely challenging to coordinate and navigate.

 

Kinetic threats to infrastructure are still extremely concerning, not only from state actors, but from non-state actors and proxy forces, as evidenced by Houthi drone and missile attacks on Saudi Arabia’s oil industry in March 2021 and Abha airport in August and September 2021.

Attacks on or sabotage of supply chains can have adverse effects on the homeland in a similar way to a ransomware attack on hospital can (time = death). China and Russia have ample opportunity to either disrupt the supply chain through cyber-attacks or, more covertly, poison the supply chain with routing manipulation or compromised goods that will either fail or act as sensors.

Our adversaries can target the Nation at the granular level (citizens and Soldiers alike) via the ubiquity of social media and much improved deepfake (voice and video) AI technology, exploiting our inherent biases and eroding our trust in national institutions, elected leaders, commanders, and comrades-in-arms. This is an easily democratized threat vector — anyone (great and lesser powers, non-state actors, multinational corporations, and super-empowered individuals) can develop and employ them. Due to our anchoring and confirmation biases, these technologies are particularly effective components of much larger Information Operations.

For much of its history, the U.S. homeland has been blessed by the protective spans of the Atlantic and Pacific Oceans, with our key infrastructure largely out of reach from our adversaries.  No longer!  The Internet of Everything with ever expanding hyper-connectivity continues to broaden our nation’s attack surface, providing a tempting “Achilles heel” for all potential adversaries seeking to “punch above their weight.”  Investing in infrastructure hardening, building national cyber resiliency, and clearly delineating the consequences for attacks on U.S. homeland infrastructure are warranted courses of action.

If you enjoyed this post, check out the following related content:

The Future of War is Cyber! by CPT Casey Igo and CPT Christian Turley; Blurring Lines Between Competition and Conflict; Sub-threshold Maneuver and the Flanking of U.S. National Security, by Dr. Russell GlennThe Convergence: Hybrid Threats and Liminal Warfare with Dr. David Kilcullen; and the associated podcast

Warfare in the Parallel Cambrian Age, by Chris O’Connor; Military Implications of Smart Cities, by Alexander Braszko, Jr.; Army Installations: A Whole Flock of Pink Flamingos, by proclaimed Mad Scientist Richard G. Kidd IV, et al.; and Integrated Sensors: The Critical Element in Future Complex Environment Warfare, by Dr. Richard Nabors

Russia: Our Current Pacing Threat, The Bear is Still There: Four Insights on Competition with RussiaHow Russia Fights, and the associated podcast; Competition and Conflict in the Next Decade and China: “New Concepts” in Unmanned Combat and Cyber and Electronic Warfare; and China and Russia: Achieving Decision Dominance and Information Advantage, by Ian Sullivan

Weaponized Information: What We’ve Learned So Far…, Insights from the Mad Scientist Weaponized Information Series of Virtual Events, this series’ associated content and videosWeaponized Information: One Possible Vignette, and Three Best Information Warfare Vignettes

How Big of a Deal are Drone Swarms? and A New Age of Terror: New Mass Casualty Terrorism Threats by proclaimed Mad Scientist Zachary Kallenborn

A House Divided: Microtargeting and the next Great American Threat, by 1LT Carlin Keally; The Exploitation of our Biases through Improved Technology, by proclaimed Mad Scientist Raechel Melling; and The Erosion of National Will – Implications for the Future Strategist, by Dr. Nick Marsella

>>> REMINDER:  Army Mad Scientist Fall / Winter Writing Contest: Crowdsourcing is an effective tool for harvesting ideas, thoughts, and concepts from a wide variety of interested individuals, helping to diversify thought and challenge conventional assumptions. Army Mad Scientist seeks to crowdsource the intellect of the Nation (You!) with our Fall / Winter Writing Contest’s two themes — Back to the Future and Divergence – check out the associated writing prompts in the contest flyer and announcement, then get busy crafting your submissions — entries will be accepted in two formats:

Written essay (no more than 1500 words, please!)

Tweet @ArmyMadSci, using either #MadSciBacktotheFuture or #MadSciDivergence

We will pick a winner from each of these two formats!

Contest Winners will be proclaimed official Mad Scientists and be featured in the Mad Scientist Laboratory.  Semi-finalists of merit will also be published!

DEADLINE: All entries are due NLT 11:59 pm Eastern on January 10, 2022!

Any questions? Don’t hesitate to reach out to us — send us an eMail at: madscitradoc@gmail.com

Disclaimer: The views expressed in this blog post do not necessarily reflect those of the Department of Defense, the Joint Staff, Defense Intelligence Agency, Department of the Army, Army Futures Command (AFC), or U.S. Army Training and Doctrine Command (TRADOC).

Share on Facebook Share on LinkedIn

Leave a Reply

Your email address will not be published.