As a regular follower of this blog, I, and as I imagine most readers, are very familiar with the results of an EMP. This is one of the most discussed topics in the survivalist blogosphere, for good reason. Electricity brings all of us a much easier life, and to prepare for the loss of such is difficult both physically and mentally, not to mention costly. With my electronic devices, those that I continue to use daily, my preparations lie between letting them become paper weights with the effects of an EMP to properly protecting those that are of value and having back-up copies of important documents (electronically and physically). From my understanding of an EMP or a similar event, like a strong solar flare, my limited preparations on this front should protect my key data with some devices reverting to expensively purchased junk.
What I had failed to take into consideration is the breakout of cyber warfare. An overview of the nature of cyber warfare is warranted, although before I start I would like to say my knowledge of such is limited. The majority of my previous knowledge came from corporate cyber attacks. However, I just finished reading Richard Clarke’s 2012 book Cyber War: The Next National Threat and What To Do About It Richard Clarke is the former National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the United States. Clarke worked for the State Department during the presidency of Ronald Reagan and has a good understanding of this subject. This book is an enlightening read (although politically slanted towards Democrats), and while I wanted to highlight a couple of key points it does not make the leap to the potential impact of the average individual. To summarize, cyber warfare is the directed attack against a nation from one or other nations or other collected rogue groups (such as ISIS or Anonymous). These attacks will take many forms, including denial of services, theft of knowledge, turning off critical infrastructure, and sabotage, but all of it will be the result of technical interference to our extremely wired world. Another good summary I just found yesterday is online.
At this time, the government is frantically trying to keep the genie in the bottle and has regular cyber attack exercises:
- http://thehackernews.com/2017/01/protect-critical-infrastructure.html
- https://www.dhs.gov/xlibrary/assets/preventing-and-defending-against-cyber-attacks.pdf
- http://www.nationalpost.com/hackers+bombarding+bank+canada+with+cyber+attacks+crack+bank+armour+employees/12787790/story.html
While the government is working to protect themselves and critical infrastructure, such as utilities and banking, the average citizen must rely on commercially available security and the Geek Squad at Best Buy. Many of these attacks will not be emanating directly from the foreign enemy but from Trojan programs, such as Logic Bombs, already implanted in domestic computers and similar devices, including all of the ones that we individually own. (Even if you claim to be off grid, you are reading this post somehow on some device.) These programs are implanted through multiple nefarious means from participation in websites, email, and every sort of inter-connectivity to the Internet.
The threat that I found more surprising is the self-destruct programs that may potentially be implanted in devices as well. Many routine household devices– phones, security, and appliances– and automobiles are becoming connected to the Internet. While this allows the usefulness of these devices to be increased, such as the ability to check your home security while out of town or something as simple as preheating your oven on the way home from work, there are also significant security breaches that are very rarely mentioned. Mr. Clarke provides an excellent, and from his understanding a completely feasible, example regarding cyber warfare. Imagine a copier within a company, which is bidding on a job. The copier, through an illegally implanted program using basic recognition software, is sending copies of any document with specific wording referencing the job off-site. At a certain point, those who are stealing the information believe they have enough to sabotage the bid and then send directions to the machine to overheat and start a fire with secondary effects of setting off the sprinkler system or worse.
In my limited dealings with cyber attacks, it is well known that hackers can penetrate and disable equipment from remotely operating someone’s camera to tapping into the electrical grid and other utilities, creating an EMP-like event. It has been also proven that many foreign organizations, most noticeably China, has made a concerted effort on corporate espionage and has been routinely stealing secrets. A good example of this is the Sony hack in 2014, where hackers demanded Sony’s release of the comedy film The Interview because the main plot was to assassinate the leader of North Korea, Kim Jong-Un. This hack was a wake-up call to the impact that nation states can have on cyberspace. It is disturbing to say the least.
Another aspect of cyber warfare is hardware modification. In the same book as referenced above, the U.S. intelligence agencies, through a Soviet defector, became aware of a list of sophisticated weapon components that the KGB was looking for. (The names used identify the timeframe.) Instead of preventing the KGB from acquiring the items, the CIA instead worked to funnel them the items on the list but with modifications that would be extremely difficult for anyone to interpret until the item was utilized, whereupon it would malfunction. While this plan was successful for the CIA, it has also become a known espionage tool, and it is impractical to believe that enemies would not utilize this tool or take it to the next level. This is relatively easy to do when some of the silicon chips today are imprinted with minute details. It is no secret that the majority of our commercial hardware, whether directed towards private citizens or government agents, is procured through China. While some may dismiss the potential change to every computer, only one change has to be made downstream and all computers are modified. It is more difficult to determine detrimental designs when they all look the same and work.
Additionally, in June of 2016, the U.S. government gave up authority over IANA (International Assigned Naming Authority) to a private company ICANN (Internet Corporation for Assigned Names and Numbers) without a great deal of fanfare from the media. Senator Ted Cruz opposed this transfer and as part of his press released suggested the plan would “allow 160 foreign governments to have increased influence over the management and operation of the Internet.” This was done by the Obama administration after a known hacking penetration of his presidential campaign by China. In September of 2016, this letter provided by the Free Beacon identifies the concerns of key intelligence officers in Washington regarding this transfer.
Walking through these various examples, it is not difficult to take a small leap and in the event of a hostile or open war with a foreign country, we could find those tools that we rely upon for information– our computers and televisions– to be interfered with, creating and replicating malware, and in a worst case scenario starting on fire or causing surges to the power grid. If it is possible to create a program that can wipe out your system or cause a fire, which I believe it is, why wouldn’t hostile governments try to implant into every device globally and activate as necessary. My own devices have software that detects virus and bugs on a regular basis. Larger corporations have hundreds to thousands of breeches on a weekly basis.
This has radically changed my thought process on electronic devices. Think of a government designing super weapons. A Chinese intelligent agent devises a plan that utilizes America’s weaknesses (dependency on television for information and foreign manufacturing of such devices) that would be fully activated in any emergency situation to propagate and disseminate attacks on government and primary civilian targets with a final blow to disable the device itself and hopefully creating secondary damages and further straining an already strained system. All of this could be accomplished at a fraction of the cost of a nuclear device but be significantly more devastating without poisoning the ocean or your atmosphere with a radioactive cloud. It would also have a crippling effect on communications and morale. It sounds like a game changer for any war. Any device that connects to the Internet, whether it is your smart phone, computer, or refrigerator, at some level must be considered compromised. It can be utilized for false propaganda, and it is not difficult to imagine all of our devices turning on at the same time and having communist-friendly, Hollywood bimbo share with us the advantages of cooperation and the benefit of the People’s Republic. It can be used as a surveillance device, utilizing recording and locating technology; however, even something without these recording and locating capabilities can still infer data. A television that is connected without any other technology can identify if you are watching something (i.e. somebody is there), that you still have power, and what you are watching. Finally, it can be utilized as a weapon, either propagating programs that are affecting someone else’s computers or potentially cause issues of their own.
So, I started this article discussing EMP; many of you are probably wondering why, at this point, as it has no reference to EMPs at all. A devastating cyber attack could result in an EMP scenario in two ways. First, the attack ultimately disables the grid, resulting in a power outage, or the attack is so disabling that the government mandates the temporary shutdown of the grid. Many of our preparations for an EMP, such as alternative communications, physical documents vs. electronic, protected devices, et cetera are equally useful for a cyber attack as well, and while some may need to be reviewed we can instead focus on preparations specifically designed around cyber attacks. In addition to an EMP thought process, a cyber attack may leave the grid operating but in a weakened state. It would be anticipated that certain functions will be targeted, such as government, banking, media, and logistics– all of which are very dependent upon cyberspace. The general motto of this site to be prepared should help insulate you and your family.