Over the years, the US government has taken significant measures through formulation of policies and laws, advancements in technology and security systems to protect the country and its citizens from terrorist attacks. One such step that was taken by the US government is the creation of the Department of Homeland Security to prevent terrorist attacks and other criminal activities.
However, terrorist acts committed throughout the world present unique challenges, problems as well as hazards to states, security forces and emergency responders. Past terrorist incidents in the US have shown that there could be dynamics which limit US security forces from protecting the country more effectively.
Acts of terrorism threaten the successful utilization of industrial control systems in controlling major terrorism activities. The proliferation of nuclear, biological and chemical (NBC) weapons, as well as missiles, as a means of terrorist attack remains among the key security issues in the US (Bevelacqua & Stilp, 2004).
The threat that the US faces from strategic attacks using NBC weapons would most likely be intended to cause political loss or lessen public support for the US ambition of pursuing NBC proliferation. There is increasing national concern about the possibility, as well as the consequences, of terrorist use of NBC weapons against the US and its forces.
Joseph and Reichart (2000) assert that this threat is real considering the threat that is already posed to US security forces abroad. However, industrial control systems (ICS), which are used to control the automated processes of almost all production facilities, are also threatened by terrorist acts. Cyberattacks against US ICS systems remain the biggest threat to possible NBC attack.
Baker, Filipiak and Timlin (2011) state that even those who had previously noted security holes in Supervisory Control and Data Acquisition systems ignored the risks since it had not been proved that other nations could exploit flaws in security systems for purposes of sabotage and political reasons.
However, things have changed over time. The Homeland Security News Wire (2011) reports that cyberattacks on US ICS systems have emerged as the greatest threat to ICS infrastructure.
The Department of Homeland Security has warned that “Anonymous, which is an international hacking group”, has threatened to launch an attack on industrial control systems, the software that controls automated processes for almost all key utilities and production facilities, such as power plants and stations, pharmacies, factories and chemical plants (Homeland Security News Wire, 2011).
Even though the National Cybersecurity and Communications Integration Center noted that Anonymous has not demonstrated the capability to damage industrial control software, past cyber activities of hackers and software developers have demonstrated that cyberattacks remain the greatest threat to ICS systems.
The Stuxnet virus was previously used against Iran’s Bushehr nuclear facility, causing physical damage to the facility. It was used to take control of the Supervisory Control and Data Acquisition (SCADA) system, forcing several nuclear centrifuges to whirl uncontrollably while at the same time “knocking out the system’s automatic shutdown safety procedure” (The Homeland Security News Wire, 2011).
This is a clear indication that terrorist hackers can in the same way cause power generators in the US to explode, discharge hazardous chemicals or even pollute water supplies by causing damage to SCADA systems of several facilities. Despite the heavy protection on Iran’s Natanz nuclear facility, Stuxnet has caused many unexplained failures since it was launched.
Stuxnet was first identified in 2010, a year after it came into operation. Baker, Filipiak and Timlin (2011) describe Stuxnet as an extraordinarily complicated form of malware. Initially, it had been designed for sabotage alone. It infects computer systems by exploiting vulnerabilities in Microsoft Windows and targets certain Siemens SCADA programs.
Whenever a SCADA program is running, Stuxnet looks for a certain configuration of the industrial control system. If it is found, it launches an attack aimed at manipulating particular microcontrollers to function erratically, although the system still reports normal functioning to its operators (Homeland Security News Wire, 2011). Stuxnet has since undergone extraordinary modifications in sophistication.
Baker, Filipiak and Timlin (2011) report that the Stuxnet virus has “Microsoft Windows driver modules” which were signed using authentic cryptographic certificates that its developers had stolen from major companies.
The virus can perform more than 4,000 functions and can spread from system to system on its way to its target, lying dormant wherever it does not find the particular configuration it is targeting. Another virus that contains code similar to Stuxnet is Duqu.
Duqu collects intelligence data as well as assets from entities, including industrial control systems, to be used to launch future attacks against nuclear as well as industrial control systems.
The Homeland Security News Wire (2011) reports that Public Intelligence was able to gain access to a restricted security bulletin which confirmed that Anonymous has developed and published important programming code as well as other materials which help users gain access to ICS systems.
The Homeland Security Department has also been able to establish that Anonymous has the capacity to gain access to, as well as trespass on, ICS networks within the shortest time. Oil and gas companies face the greatest risk of being attacked by hackers.
The Homeland Security Department notes that these attacks on ICS systems are likely to come from the hacker activist community, who are interested in inflicting damage on energy companies (The Homeland Security News Wire, 2011). Of major concern is that terrorists and “rogue states” like Iran and North Korea are pursuing offensive biological, chemical as well as nuclear weapons (Joseph & Reichart, n.d).
Joseph and Reichart (2000) state that nuclear tests that were done in Pakistan and India in 1998 indicated that the value assigned to NBC weapons in some countries is on the rise. While NBC proliferation threatens US security, cyberattacks by terrorist hackers threaten US security strategy and, in particular, the US security forces’ ability to use communication networks as a tool of that strategy.
Baker, Filipiak and Timlin (2011) note that the ICS systems of critical infrastructure are likely to be affected by cyberattacks. Cyberattacks targeting critical infrastructure mainly exploit the Stuxnet virus, and this involves both cybercriminals and foreign governments.
An objective security study that was conducted by Baker, Filipiak and Timlin demonstrated that ICS, and SCADA systems in particular, remain at high risk of being attacked by the Stuxnet virus. Baker, Filipiak and Timlin (2011) report that the target companies have not yet adjusted their network security to adequately safeguard their technologies from cyberattacks.
Despite these increasing security concerns, the government’s role in cybersecurity especially in eliminating vulnerabilities in critical infrastructure is still unclear.
A state-sponsored cyberattack would exploit the Stuxnet virus and Duqu to shut down or damage the industrial control systems on which the ICS system depends, and therefore divert scarce resources which are used to support the war on NBC proliferation.
Baker, Filipiak and Timlin (2011) state that this is a clear sign that governments hostile to the US are likely to target SCADA systems for the US’s power, oil, gas, as well as, water and sewage systems.
Joseph and Reichart (2000) assert that NBC weapons, especially biological and chemical weapons, may be used as instruments by governments which pursue NBC proliferation, selectively taking advantage of the vulnerabilities of the US and those of its allies, since they can exploit them to achieve immediate military, political as well as psychological effects.
The Center for Strategic and International Studies (CSIS) reports that nation states pose the greatest threat to US critical infrastructure since major world powers have already acquired or are about to acquire cyberattack capabilities, and that they are likely to work in collaboration with terrorists to bomb civilian targets or attack critical infrastructure (Baker, Filipiak and Timlin, 2011).
CSIS also reports that a younger generation currently dominates leadership in terrorist organizations, and this could increase instances of cyberattacks.
Joseph and Reichart (2000) state that adversaries seeking to make the most of NBC weapons to counter the US’s conventional superiority are likely to adopt anti-access strategies which enable them to launch attacks without being detected in time.
Baker, Filipiak and Timlin (2011) confirm that the Stuxnet virus uses superior anti-analysis techniques which make reverse engineering difficult. The Department of Homeland Security reported that Stuxnet can gain access and cause damage to an industrial control system within the shortest time possible.
There are fears that Stuxnet or Duqu could be used to attack the US Central Intelligence Agency systems. This means that once the functioning of the ICS system is altered, the system’s information and intelligence branch cannot track the activities of the terrorists, and therefore governments pursuing NBC proliferation could launch chemical or biological weapons or even missiles on US critical infrastructure.
Joseph and Reichart (2010) believe that large fixed facilities like airfields and ports which are important for prosecution of war are likely to be the main targets for adversaries during conflict. Such weapons could possibly cripple military as well as political issues of the US and its allies (Bevelacqua & Stilp, 2004).
According to Baker, Filipiak and Timlin (2011), most of the US’s critical infrastructure was not built with cybersecurity in mind; instead, it was designed for efficiency, creating many security holes.
Adversaries and terrorists are able to exploit vendor default passwords since the companies normally allow easy access during maintenance or crisis.
Researchers have proved that Stuxnet can gain remote access to control systems including power generators, and as a result, remotely alter its operating cycle, thus, sending the system out of control (Baker, Filipiak and Timlin, 2011). Cyberattack thus can cause failure in the grid system, and this can cause cascading effects considering that generators are expensive and could take weeks to replace.
Adversaries could adopt cyberattacks on the ICS system to interfere with its communication system and take advantage of the blackout to launch the fastest NBC or missile attack on the US critical infrastructure.
Baker, Filipiak and Timlin (2011) say that terrorist hackers are also likely to exploit Stuxnet’s misreporting feature, which is normally hidden from the system’s network operations center. This feature will certainly mislead control operators and intelligence agencies and keep them from detecting any malfunction in the ICS system.
An example of such “misreporting” occurred in the 2003 Northeastern US blackout (Baker, Filipiak & Timlin, 2011).
The US-Canada Power System Outage Task Force, which investigated the cause of the blackout, found that the control operators did not notice any cascading failure for some time, even though they were warned by individual line owners, since the control computers which monitored SCADA never reported any problem with power delivery.
The control operators only came to realize that there was a real problem when other companies alerted them that there was a problem with the power delivery (Baker, Filipiak & Timlin, 2011).
Adversaries with cyberattack and NBC capabilities would be able to block the US intelligence forces from making real-time detection as well as characterization of biological or chemical weapon agents, given the increasing modifications to the Stuxnet and Duqu viruses.
These cyberattack technologies would allow state-sponsored terrorists to disable the US intelligence underground detection structures, thus weakening the intelligence agencies’ capacity to locate them as well as to disarm them of NBC weapons both within and outside the US.
This would give US enemies the opportunity to attack its ICS systems, divert their functioning and cause destruction to critical infrastructure as well as civilian assets. A precision-guided cyber-ammunition attack on industrial control systems using Stuxnet or Duqu could be used to redirect intelligence communication systems, and this could have fundamental consequences for the US military campaign against NBC proliferation programs.
Any lapse in the intelligence communication networks or ICS system networks could be optimally exploited by terrorist hackers sponsored by enemy states to launch biological or chemical weapons attacks on US critical infrastructure and assets both within and outside the US.
Once the microcontrollers of ICS systems are manipulated by cyberattack technologies to function erratically, it would be difficult for US security forces to accurately detect and intercept low-flying cruise missiles launched by adversaries.
Destruction of transport infrastructure, power sources, as well as, communication means would severely restrain the availability of resources to support the military forces in protecting civilian populations. Activities which depend on the civilian labour such as port operations could be curtailed due to loss of life resulting from NBC attack or refusal to participate for fear of NBC attacks (Fagin, 2006).
Under the Chemical Weapons Convention as well as the Biological Weapons Convention, the US has renounced “the right to respond in kind to chemical weapons and biological weapons use” (Joseph and Reichart, 2000).
This means that the US is limited to conventional as well as nuclear response options meaning that any lapse in the US security system which could allow adversaries to launch chemical and biological weapons attack could lead to severe impacts (Bevelacqua & Stilp, 2004).
Biological weapons could inflict massive casualties on soft targets which include US cities. Joseph and Reichart (2000) report that many states have continually expanded their biological weapons research, to develop more sophisticated and stable agents, which can be used over longer periods and in a more controlled manner to cause mass destruction.
Thus, the inability to remotely detect and identify biological agents because of cyberattacks on industrial control systems, which would leave the US security forces unable to defend effectively against such attacks, could severely affect the nation.
Joseph and Reichart (2000) believe that a chemical weapon attack could also have profound effects on both critical infrastructure and the civilian population. An attack using chemical weapons, or the threat of their use, would have serious political consequences which could force the US to respond with nuclear weapons (Fagin, 2006).
With the capabilities of Stuxnet having been tested at Iranian nuclear plants, cyberattacks could be directed at US nuclear facilities.
Although there is a general belief that Stuxnet’s development could have been sponsored by the US and Israeli governments to cause damages to centrifuges at Iran’s uranium enrichment facility, it poses a great threat to the US homeland (Gjelten, 2000).
The Department of Homeland Security reports that adversaries could hack into the computer networks which control the industrial control systems and reprogram them to command the equipment to operate differently, which could result in unsafe speeds or cause “the valves to open when they are supposed to be closed” (Gjelten, 2011).
Stuxnet makes use of frequency converter drivers in the industrial control system that it has infected to modify the code of that target and “adjust the output frequency” to extremely high levels (Aldrich, 2011). It can also adjust it to much lower levels, in the end sabotaging the target.
These frequency converters normally operate at 807-1210 Hz, as is required by the Nuclear Regulatory Commission (Aldrich, 2011). An adjustment to the frequency converters would cause nuclear centrifuges at US nuclear facilities to whirl out of control or cause power generators to go off, and consequently release hazardous chemicals into the environment.
This would cause deaths among people working in these nuclear plants or at power generators, and among those living in the surrounding regions, as happened in Japan after the earthquakes. Although the Japan case was not a cyberattack, such could be the case should adversaries gain access to the ICS networks.
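The misreporting behaviour and the converter frequency band described above point to a defensive cross-check: compare what operators are shown against an independent reading. The Python example below is added here and is not taken from the cited sources; it assumes a hypothetical out-of-band sensor feed (`measured`) alongside the commanded and operator-displayed values, and every sample reading is constructed.

```python
from dataclasses import dataclass

# Nominal converter band as quoted in the essay (Aldrich, 2011), in Hz.
NOMINAL_HZ = (807.0, 1210.0)


@dataclass
class Sample:
    t: int           # seconds since start of capture
    setpoint: float  # frequency commanded to the converter (Hz)
    reported: float  # value the SCADA/HMI shows the operator (Hz)
    measured: float  # assumed independent, out-of-band sensor reading (Hz)


def audit(samples, tolerance_hz=5.0, window=3):
    """Return (t, rule, detail) findings for a list of Sample records."""
    lo, hi = NOMINAL_HZ
    findings = []
    for i, s in enumerate(samples):
        # Rule 1: the commanded frequency has left the nominal band.
        if not lo <= s.setpoint <= hi:
            findings.append((s.t, "SETPOINT_OUT_OF_BAND", f"{s.setpoint:.0f} Hz"))
        # Rule 2: what operators are shown disagrees with the independent sensor.
        gap = abs(s.reported - s.measured)
        if gap > tolerance_hz:
            findings.append((s.t, "REPORT_MISMATCH", f"gap {gap:.0f} Hz"))
        # Rule 3: the reported value is frozen over the window while the process
        # moves, which is what replayed "all normal" telemetry looks like.
        if i + 1 >= window:
            recent = samples[i + 1 - window:i + 1]
            rep = [r.reported for r in recent]
            mea = [r.measured for r in recent]
            if max(rep) == min(rep) and max(mea) - min(mea) > tolerance_hz:
                findings.append((s.t, "REPORT_FROZEN", f"last {window} samples"))
    return findings


# Constructed capture: normal operation, then the drive is pushed out of band
# while the operator display keeps showing the earlier, normal value.
SAMPLES = [
    Sample(0, 1064, 1064, 1063),
    Sample(1, 1064, 1064, 1065),
    Sample(2, 1400, 1064, 1392),
    Sample(3, 1400, 1064, 1399),
    Sample(4, 200, 1064, 212),
]

if __name__ == "__main__":
    for t, rule, detail in audit(SAMPLES):
        print(f"t={t}s {rule}: {detail}")
```

The check only has value if the independent reading reaches the monitor over a path the control network cannot rewrite.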
Cyberattacks remain the greatest threat to the US industrial control systems, and this could have serious impact on the US security as regards NBC attack on the US homeland and its critical infrastructure and assets abroad.
Stuxnet and Duqu take advantage of ICS vulnerabilities to take control of the system and change its functioning. Both Stuxnet and Duqu have the ability to take control of the Supervisory Control and Data Acquisition (SCADA) system of various industrial control systems.
State-sponsored cybercriminals and terrorist hackers can use these cyberattack technologies to modify the configurations of ICS microcontrollers, causing the system to function erratically without its control operators noticing any abnormalities.
Security holes in most critical infrastructure make it vulnerable to cyberattacks initiated by governments hostile to the US. In turn, the misreporting feature of these cyberattack technologies makes the country vulnerable to NBC attacks from adversaries.
These cyberattack technologies could limit the ability of the US security forces and intelligence agencies to detect and identify NBC weapons and missiles in time, and therefore to intercept them before they cause the intended damage.
Besides, cyberattacks on the ICS could also make it difficult to locate as well as to disarm NBC weapons within and outside the US due to the misreporting features of these technologies. Thus, the vulnerabilities that exist in US critical infrastructure could pose serious risk to the US homeland and its assets both at home and abroad.
Reference List
Aldrich, R. (2011). Stuxnet poses interesting international cyber law issues. IAnewsletter, 14(2).
Baker, S., Filipiak, N. & Timlin, K. (2011). In the dark: Crucial industries confront cyberattacks. Washington, DC: Center for Strategic & International Studies.
Bevelacqua, A. S. & Stilp, R. (2004). Terrorism handbook for operational responders, 3rd ed. Albany, New York: Delmar Publishers.
Fagin, J. A. (2006). When terrorism strikes home: Defending the United States. Upper Saddle River, New Jersey: Pearson Education, Inc.
Gjelten, T. (2011). Stuxnet raises “blowback” risk in cyberwar. Web.
Homeland Security News Wire. (2011). DHS warns Anonymous may target critical infrastructure. Web.
Joseph, R. G. & Reichart, J. F. (2000). Deterrence and defense in nuclear, biological, and chemical environment. Washington, DC: National Defense University Press Publications.