As it turned out, the country, which has accumulated mountains of nuclear and conventional weapons, is absolutely not ready for cyber war.
The American non-profit organization Bipartisan Policy Center conducted an experiment and tried to find out: what would happen if hackers around the world unleashed a large-scale cyber war against the United States? An exercise called "Cyber shockwave" was conducted, which clearly showed that the country was absolutely not protected.
In the event of massive attacks by hackers from abroad, the infrastructure of wired telephone and wireless mobile communications, as well as power supply systems, may simply fail, which overnight paralyzes the normal functioning of the entire economy of the country.
The training simulation of cyberwar was conducted from the computers of 230 participants in the experiment. All of these people are from defense agencies, security agencies, private security companies, and community groups. Already from the first training session, problems emerged: the state servers responsible for the country's power supply "lay down" after the most common hacker attack.
During the exercise, two scenarios were worked out: first, mobile software began to spread virus programs between phones, which began to actively infect each other. As a result, entire clusters of mobile networks collapsed under load. But why the country's power grids stopped working, analysts have yet to find out.
A simulation of a real war on the Internet showed that in the event of a competent attack, 40 million Americans in the eastern United States could find themselves without electricity after half an hour of its beginning. In another hour - 60 million mobile subscribers will find that their phones have turned into ordinary plastic key fobs that are not capable of anything. And in a couple of hours the financial center of the world, Wall Street, will also be paralyzed.
At the same time, the participants in the experiment checked how prepared the presidential security advisers are for crisis situations, who must quickly respond to attacks. Alas, the officials let us down. During the experiment, they simply fell into a stupor, especially after the "attacks" on the computers of the Pentagon and the US government services began.
Some experiments have shown that the US news agencies are not able to quickly and accurately describe the events that will occur after cyber attacks, which indicates that there are practically no journalists in the country who are able to understand everything that happens in cyberspace and give adequate advice to the population.
The organizers of the experiment warned that most of such attacks are not carried out directly from abroad, but indirectly: first, computers of ordinary users - law-abiding citizens of the country - are infected, and from here servers, for example, of the Pentagon are attacked. At the same time, the owners of computers themselves do not know about it.
But the biggest problem identified by the Bipartisan Policy Center is the lack of legislation that would punish malware distributors. Simply put, the authors and distributors of viruses for mobile phones in the United States cannot be punished in court by any court.
Previously, it seemed that hacking the power grids, the infrastructure of telecom operators, the computer networks of the economic, political and military departments of the United States is quite difficult - the systems are well protected from attacks, especially from the computers of ordinary people. But the massive proliferation of mobile Internet and communicators such as the Apple iPhone is fundamentally changing matters, experts say.
At the end of the experiment, US Secretary of National Security Michael Chertoff admitted that his state is absolutely not protected from the cyber threats of the modern world and promised that the state will take all measures to ensure its own security in the near future. At the same time, he stressed that in recent years the number of attacks against the United States from abroad is constantly growing - primarily at the expense of China and the countries of the Muslim world, offended by the foreign policy of the United States.
- For this, the Americans should say "thank you" to ex-President George W. Bush, - said Michael Chertoff. “We admit that we have not prepared ourselves seriously enough for possible threats from the virtual space. We are very vulnerable. Therefore, in the near future we will adopt a number of legislative and military initiatives to restore order in this area and increase our defenses in the event of computer attacks …
The conclusion made at the Bipartisan Policy Center fit into a 43-second video, located on their website. It says:
“Over the past 10 years, cyberattacks have disabled government and commercial sites in the country. This caused enormous damage to the US economy. We are talking about billions of dollars. When Russia invaded Georgia in August 2008, Georgian government websites were the first to be hit. January 2010 saw Chinese hackers steal information from Google and 30 other major American and international companies. Who will get hit next time?.."
… The importance of hackers in the modern world, meanwhile, continues to grow. The Washington Post newspaper writes that in January 2010, the largest massive hacker attack in the history of the Internet was revealed: 75 thousand computer systems in 196 countries of the world were affected. In the United States, 2,500 companies fell victim to it.
In the course of smart attacks, hackers stole confidential information about credit card transactions, and also inquired about the service logins and passwords of employees of defense and scientific departments of different countries. Experts claim that the criminal group that organized all this is physically located in Eastern Europe …
Larry Clinton, president of Internet security company ISA, comments on the exercise and its results:
- The problem is really huge, and these exercises are not PR. There has been talk that we could be seriously affected by the universal internetization of society since the days of President Clinton. There is a problem, and the further it goes, the deeper it is, and one should not wait for its quick solution. The adoption of a couple of legislative initiatives or the allocation of millions of dollars cannot solve it overnight. When it comes to cybersecurity, all economic incentives work for the attackers: attacking servers is much cheaper than protecting them. Therefore, the attacks will continue. Another thing is fair to say: the rest of the countries also appear to be vulnerable, and even more so than the United States. So the most correct strategy in case something like this happens is to kick back …
