The world is basically a giant computer with cloud-based networks controlling everything from sewage and wastewater to the electrical grid. And as most of us are aware, it’s extremely vulnerable to attack by determined and organized nations.
One expert on cyberattacks initiated by sovereign entities calls them “weapons of mass chaos.” Indeed, they are not precision weapons like smart bombs or even our highly accurate Minuteman III land-based ICBMs. Much of the collateral damage is unknowable and could actually rebound to damage the systems of the attacker.
So wargamers are reluctant to even imagine a large-scale cyberattack. One former Trump administration National Security Council member told Senior Director at the Center for the National Interest Harry J. Kazianis, “A cyberattack is like throwing a grenade but not knowing when, if or upon whom it will explode. It might even explode on you. Pray no nation with a large cyber capacity goes to war deploying such weapons — we don’t really know where it leads.”
The “oops” factor is the key. Just because Russia targets a specific sector of our economy or the military doesn’t mean the malware or virus used to carry out the attack won’t move into the greater computer universe, as those same style computers and servers can power civilian applications as well, and malware loves to spread.
In fact, that is the danger of any sort of cyberwar between the US and Russia or any nation; once you let the malware out into the wild, you never know where it could end up.
Related: New Sino-Russo Alliance Poses Grave Global Cyber Threat
How would Russia go about attacking a bank? One way would be to target a single employee for a malware attack. Disguise an email that appears to be from a friend or family member and includes a link that, once clicked, would hopefully connect to the bank’s network. It’s already happened several times.
But say the malware instructed the network not to dispense any cash from ATM’s — if the bank was big enough, millions of Americans would be denied access to their cash.
Such a calamity could crash the economy in a matter of hours or days.
Here’s where things get a little complex. US cybersecurity experts I have spoken to think Russia has surely compromised at least one or two US banks and has malware and viruses in banking networks ready to go, just lying in wait. So what would those viruses do when activated? Most likely, they will deprive consumers of their cash by infecting the network or computers and servers responsible for basic banking operations. Imagine Wall Street waking up one morning and Wells Fargo or Bank of America telling the world millions of Americans can’t access their cash. Stock markets would crash, there would be runs on banks and mass mayhem.
That’s not all. That malware then gets out into the wild, with anonymous hackers getting the source code and attacking two other US banks just for spite. That’s the great challenge of cyberwar: once you fire off your weapons, that same code can be reused and repackaged to attack others.
Obviously, the United States would retaliate in kind. But that presents another problem: escalation. If Russia were to perceive our attack as more damaging than the attack they initiated against us, they would almost certainly escalate the war to include more systems. Perhaps they might try disabling our satellites or disrupting our air traffic control systems.
This is why Russia is reluctant to start a cyberwar. Since much of the modern world is dependent on these systems, disabling or destroying them would be akin to dropping a nuclear bomb.
If the cyberattack is serious enough, that option might very well come into play.
Join the conversation as a VIP Member