Go Back to Sleep Honey…its Only the Squirrels…
I was asked recently about the dangers of the Chinese hackers attempting to break into our critical infrastructure. Daily we hear that the Chinese have 24/7 hacking operations focused on breaking into the US Military systems , national security programs and private industry to steal secrets, blueprints, research and development data or anything else not nailed down. . “Hacking Colleges” and literally thousands of Chinese cyber soldiers armed with their laptops and Mountain Dew Code Red, banging away on their key boards for hours on end attempting to disrupt our way of life. I decided to dig in and conduct a little research of my own to objectively evaluate the threat of Chinese cyber-terrorism, searching for patterns, recorded security breaches or reported claims of cyber terrorism. Now, according to the U.S. Federal Bureau of Investigation, cyber terrorism is any “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.”
In an interview with P.W. Singer, (Singer is the director of the Center for 21st Century Security and Intelligence at the Brookings Institute, where his work focuses on the impact of new technology on national security. He recently coauthored Cyberwar and Cybersecurity: What Everyone Needs to Know), he states that, “There have been over 31,000 articles on cyber-terrorism, even though there’s not been a single incident that meets the FBI definition.”
How could this be possible???
How could cyber terrorism be such a hot button issue, when there have been no recorded incidents? In many ways, cyber terrorism is like the Discovery Channel’s “Shark Week,” when we obsess about shark attacks despite the fact that you are roughly 15,000 times more likely to be hurt or killed in an accident involving a toilet.
As George R. Lucas Jr., a professor at the U.S. Naval Academy, put it, conducting a truly mass-scale action using cyber “simply outstrips the intellectual, organizational and personnel capacities of even the most well-funded and well-organized terrorist organization, as well as those of even the most sophisticated international criminal enterprises.”
We should be crystal clear: This is not to say that terrorist groups are uninterested in using the technology of cyberspace to carry out acts of violence. In 2001, al-Qaida computers seized in Afghanistan were found to contain models of a dam, plus engineering software that simulated the catastrophic failure of controls. Five years later, jihadist websites were urging cyber attacks on the U.S. financial industry to retaliate for abuses at Guantanamo Bay.
As my father always tells me, “Prepare for the worst and hope for the best.”
Growing up in New York State, I have been exposed to, in my opinion, the two most tragic events in the states history , the September 11th terror attacks, and Super Storm Sandy. Strictly speaking from a financial standpoint, Super Storm Sandy inflicted massive losses to all 16 sectors of critical infrastructure, public property and private industry.
In 2013, USA Today published an article relating to costs related to natural disasters globally, stating that:
• The largest global disasters of 2012 were Hurricane Sandy (with a cost of $65 billion) and the year-long Midwest/Plains drought ($35 billion), according to the company’s Annual Global Climate and Catastrophe Report, which was prepared by Aon Benfield’s Impact Forecasting division. ($100 million total, domestically)
• Global natural disasters in 2012 combined to cause economic losses of $200 billion
• The number of human fatalities caused by natural disasters in 2012 was approximately 8,800, with nine of the top 10 events occurring outside of the U.S.
• (CNN adds) Hurricane Sandy, as a hurricane and a post-tropical cyclone, kills at least 117 people in the United States and 69 more in Canada and the Caribbean. The death toll in the U.S includes 53 in New York State, 34 in New Jersey, 12 in Pennsylvania, six in West Virginia, four in Connecticut, one in Maryland, and seven elsewhere in the U.S.
• 7.9 million businesses and households are without electric power in 15 states and the District of Columbia.
If we are keeping tabs on credible threats to US infrastructure, then, thats NATURAL DISASTER 1 vs. CYBER- TERROSIM 0….
I will argue that the Chinese cyber terrorism threat pales in comparison to the destruction and devastation caused by natural disasters, not only in the U.S., but worldwide.
At this point, I’m willing to bet you have asked yourself at least once, why has this damn squirrel been staring me down this entire article…well, heres my big reveal..
Squirrels, not the Chinese cyber arm-chair army poses exponentially more of a threat to the US Critical Infrastructure system. I now offer you data substantiated by the NY Times, that the power grid is more vulnerable to a specific natural “disaster”, squirrels, yes squirrels. See graph below.
If we are arguing what “has” happened as opposed to what “could” happen, I prefer to argue with data and facts. As we have all heard before, the plural of anecdote is not data”. In Austin, Tex., squirrels have been blamed for 300 power outages a year. Other utility companies have claimed that between 7 and 20 percent of all outages are caused by some sort of wild animal, and a 2005 study by the State of California estimated, hazily, that these incidents cost California’s economy between $32 million and $317 million a year. In 1987, a squirrel shut down the Nasdaq for 82 minutes and another squirrel shut down the Nasdaq again in 1994.
According to the above, InfoSec Institutes 2013 report, the Impact of Cyber Crime, provides data which assesses the effect of cybercrime in the U.S. In my estimation, there is a tremendous amount of fear mongering by the government, software developers and media, focusing on, “possible vulnerabilities” and not hard data which clearly shows the threat isn’t nearly as devastating as reported.
