Land, air, sea, space, and cyberspace – These are the five dimensions of warfare and have been acknowledged as such since the 1990s (a few decades after the 5th Dimension‘s acclaimed “Age of Aquarius”). The first four dimensions of warfare have settled into what we recognize as conventional warfare. The fifth dimension, well, is less straightforward. In the dimension of cyberspace, unguarded individual Internet activity can introduce network vulnerabilities, and, in extreme cases, result in compromising national security.
While countries typically look to their leaders to protect them in the first four dimensions, the embedded nature of the fifth dimension requires action from average citizens to build up secure digital environments, since weaknesses of various digital systems are as numerous as the users interacting with the networks. Phishing schemes, spear-phishing, malware, and outdated operating systems are a few examples of weaknesses that can be used to gain access to a system’s network. In regards to the first three weaknesses, individual workers tend to be targeted in efforts to gain an entry point through corrupted emails or system prompts. From that opening, hacking groups can manipulate operating systems or siphon information from networks. This piece will focus on two cyber attacks that began with targeted campaigns on individuals and ended with a disabled energy grid and Tetrabytes of compromised information.
Let the sunshine in. On December 23, 2015, hackers attacked a western Ukrainian energy control center and two other distribution centers, cutting off energy to nearly 230,000 people. The power outage lasted up to 6 hours for some consumers, but even months after the attack the control centers were not fully operational. It was a well-executed and unprecedented attack on a country’s energy grid. The sophistication associated with this operation highlighted the capabilities of hacking groups and the scope of vulnerabilities that come along with greater digital integration.
Most hacking operations will either create or capitalize on weaknesses. In the case of the Ukrainian power grid, the hacking group leaned on the predictability of human nature to create more entry points to the center’s network.
Nearly nine months before executing the blackout, hackers began their spear-phishing campaign when they sent corrupted email attachments and began mimicking system prompts. Once users interacted with the attachments and system weaknesses, the hackers were provided entry points to the control center’s network. From those openings, the hacking group meticulously documented the information that would give them control over the targeted energy control centers. Once the takeover began that December evening, the control center administrators could only watch the assault unfold.
These are the hard realities of the fifth dimension of warfare. Preying on system weaknesses and the predictability of human nature (see spear-phishing), hackers exploited possible vulnerabilities and compromised regional energy flows. In other instances, hackers have jeopardized protected information, compromising national security.
No more falsehoods. In January 2013, after three months of research and investigation, Kaspersky Lab released a report of a malware platform that targeted diplomatic, government, and scientific research computer networks across Eastern and Western Europe and North America, dubbed “Red October”, shortened to “Rocra”. Also using spear-phishing attacks, Rocra capitalized on a number of security vulnerabilities in Microsoft Office programs and PDFs to infect personal computers, networks, and mobile devices.
The attackers associated with the cyber-espionage campaign had been active for at least five years before Kaspersky Labs began their investigation and had captured an estimate of hundreds of Tetrabytes of confidential information by the time of discovery. According to the BBC‘s initial coverage of the discovery, Kaspersky’s research noted that there were “55,000 connection targets within 250 different IP addresses.” Deciphering the numbers for readers, the author wrote “this means that large numbers of computers were infected in single locations – possibly government buildings or facilities.”
Harmony and understanding. Digital networks are only as strong as their weakest links; therefore individuals should work to increase their familiarity with how corrupted files and system weaknesses can provide entry points through a simple mouse click. If these two campaigns could exist as warnings of the potential weaknesses of cybersecurity structures, we would do well to respond.
Be wary of visiting websites that you do not know or may not trust, especially when connected to a network; cautiously approach emails from unknown senders; and make sure your security updates are, in fact, up to date. National leaders carry a much heavier burden in developing a secure digital infrastructure, but these are the small steps that we, as links to the wider security network, can take to make the fifth dimension more secure.