Creating Monumental Havoc

"To my mind, the most critical thing is our grand vulnerability is not to physical terrorism, but to a cyber-attack on our critical infrastructure ... power ... gas and water, transportation, banking communications ... opponents who have real capability to survey these systems stand a chance of developing a technique for causing them to collapse."
Whitfield Diffie, public key cryptography

Hacked By Def Con Press Preview during the 2016 Tribeca Film Festival in New York City. (Rob Kim/Getty Images for Tribeca Film Festival)

In January an Austrian aerospace company lost $54-million when its corporate treasury management system was hacked. A proliferation of ransomware attacks hold medical facilities, police departments and municipal governments hostage for release of their systems on receipt of money extorted by hackers. Estonia experienced the first national cyberattack against its civil infrastructure courtesy a lesson from Moscow, it is assumed.


In December of 2015 Ukraine suffered a coordinated cyberattack against its civil authority when it lost power in parts of the country through an attack on its power grid. More latterly, in February a bold cyber theft of $81-million was extracted from the Bangladesh central bank’s holdings in the New York Federal Reserve Bank when skilled cyber-criminals customized an assortment of malware to run on the bank’s own computers, issuing apparently 'legitimate' SWIFT monetary transfer orders.

These can all be viewed possibly, as practise runs for a potential wide-ranging and hugely destructive cyberattack meant to take a government completely off guard, causing a catastrophic failure of compromised software breaches, or even a collapse of an entire national power and communication system. The vulnerability of private enterprise, government agencies, pan-national organizations are realized when they are found to be inadequately prepared to defend their systems.

There is universal fear of physical terrorist attacks, and the reasons are abundantly obvious in their horrific loss of life. Yet a widespread and devastating cyberattack has the potential to shut down all aspects of daily life and security in any affected country that could find itself helpless and undefended through such an attack. A group like the Islamic State of Iraq and the Levant, with its phalanx of highly educated Western recruits skilled in computer science, the Internet and security could achieve a triumph of downing communications and infrastructure on a wide scale.


Moscow, Beijing or Tehran all have experts in Internet communications and malware applications and the emerging capability to destroy the ability of states to secure their systems through human error leading to lax oversight. If power plants could be shut down or distribution chains put out of commission chaos would ensue and ultimately lives placed in danger.

NATO has been hacked, and so was the U.S. State Department and Canada's National Research Council. The Canada Security Intelligence Services warned as long as 15 years back that Russia, China or Iran would in time be capable of launching a crippling cyberattack in a decade's time. That time has arrived. Iran has found its own systems compromised by malware which set back its nuclear technology on more than one occasion.

The stealth intrusion of malware takes government and private enterprise by surprise when it discovers compromised systems and flounders about attempting to resurrect their systems' integrity at great cost and concern. There is the possibility that malware can already have been embedded in critical infrastructure throughout Europe and/or North America simply awaiting the signal to shut down grids to produce haywire systems, when a switch is flicked somewhere across the globe.

This too is terrorism.