WASHINGTON – Several nations around the globe are capable of launching catastrophic cyberattacks but have refrained from doing so because it would be perceived as an act of war, a veteran security expert said Wednesday.
“We’ve been incredibly lucky but I do believe that things may change,” Charles Carmakal, vice president of Mandiant, a cybersecurity company owned by FireEye of Milpitas, California, said at a forum Wednesday.
Director of National Intelligence Dan Coats opened the 8th Annual Billington Cybersecurity Summit with a warning that digital threats to the United States are mounting.
“We have not experienced – yet – a catastrophic attack. But I think everyone in this room is aware of the ever-growing threat to our national security,” Coats said, adding that attacks on electrical grids and other utilities are a rising concern.
“It doesn’t take much effort to imagine the consequences of an attack that knocks out power in Boston in February or power in Phoenix in July,” Coats said.
Coats said he was about to head over to the White House to offer President Donald Trump his daily presidential brief on intelligence matters.
“Among the many issues that we discuss on an almost daily basis, cyber threats have risen to almost the top,” Coats said, noting that adversaries like China and Russia “are becoming more assertive, more capable and more adept at using cyberspace to threaten our interests.”
Carmakal identified Russia and China as nations with offensive cyber units capable of penetrating operating systems of major utilities. Russia demonstrated its digital heft in attacks on Ukraine’s power grid in December 2015, and again a year later, he said.
The 2015 attack knocked out power for up to 6 hours in parts of Ukraine.
“It was the dead of winter. It was incredibly cold,” Carmakal said, adding that the cyberattack on the power grid repeated in December 2016.
“This was yet another offensive operation which we believe to be orchestrated by the Russian government to inflict pain and harm on the Ukraine,” he said.
Cyber forensics specialists now concur that a global cyberattack that began June 27 in Ukraine, dubbed NotPetya, masqueraded as a ransomware attack designed to raise money but was actually a destructive operation, Carmakal said. The attack spread around the world, freezing the hard drives of tens of thousands of computers, disrupting operations of global companies like the U.S. pharmaceutical giant Merck, the British advertising giant WPP and the Danish shipping line AP Moller-Maersk
Carmakal said Chinese state-sponsored hackers had shown their ability to penetrate into sensitive U.S. energy companies.
Iran and North Korea are advancing rapidly in offensive cyber capabilities, he said.
Much of the crucial systems that keep water and electricity flowing in the United States, and help operate air traffic safely are vulnerable to attack, Carmakal said.
“A lot of times they are running very old technology that just can’t be patched,” he said.
©2017 McClatchy Washington Bureau
Visit the McClatchy Washington Bureau at www.mcclatchydc.com
Distributed by Tribune Content Agency, LLC.