Delacourt TP (2022) Cyberattacks on Critical Infrastructure as the New WMD. Homeland Security.

Preface. What follows are several articles on how cyber attacks could harm our infrastructure across at least 16 systems we depend on.  Although it is the decline of fossil fuels that will cause the most suffering and deaths, we’ve allowed modern civilization to be almost as dependent on electricity across infrastructure (health, finance and more).  This issue is so widespread, of such magnitude that I have made many posts on this topic to try to convey the myriad complexities, which I continue to marvel at.  So there are other posts on this topic here too.

Alice Friedemann  www.energyskeptic.com  Author of Life After Fossil Fuels: A Reality Check on Alternative Energy; When Trucks Stop Running: Energy and the Future of Transportation”, Barriers to Making Algal Biofuels, & “Crunch! Whole Grain Artisan Chips and Crackers”.  Women in ecology  Podcasts: WGBH, Jore, Planet: Critical, Crazy Town, Collapse Chronicles, Derrick Jensen, Practical Prepping, Kunstler 253 &278, Peak Prosperity,  Index of best energyskeptic posts

***

Delacourt TP (2022) Cyberattacks on Critical Infrastructure as the New WMD. An attack on one critical infrastructure sector may initiate a failure in another or cascade to the entire interconnected CI network. Homeland Security.

Should the acronym WMD, which stands for “Weapons of Mass Destruction,” be updated to “Weapons of Mass Disruption?” I think it is a timely question in this Digital Age as we connect and integrate billions of new digital devices into our lives and business processes and when a cyber-attack against one supply chain provider can lead to cascading effects on entire communities across the globe. Cyberattacks on Critical Infrastructure (CI) can cause mass economic and societal impacts. Fewer strategies than cyber-attacks can offer better plausible deniability and can cause greater anxiety and instability to our society than targeting the systems and networks that enable our day-to-day activities.

Advances in technology led to increases in each sector’s interconnectivity and reliance on online and networked resources to accomplish their fundamental missions. CI systems do not stand alone, but rather interconnected and interdependent, making them vulnerable to cyber threats. An attack on one may initiate a failure in another or cascade to the entire interconnected CI network. The ubiquitous nature of these CI sectors and the distribution of their physical and networked assets across a wide geographical area, often spanning the entire country, make CI sectors attractive targets.

Cyberattacks on interdependent CI sectors have the potential for secondary and tertiary effects in addition to the cascade of physical disruption that follows. Beyond impairing physical assets, cyber-attacks on the foundational services of a society also function as psychological and strategic weapons. CI disruptions may undermine confidence in the state to provide security or basic services. Such attacks may serve as existential threats to unstable regimes. As strategic weapons, cyberattacks on CI causing mass disruptions have the potential to tie up significant military and economic resources at the same time the nation faces a military threat. Such attacks have the potential to fully occupy the time and attention of decision-makers as well as field commanders, causing them to miss or ignore other pending threats. This exemplifies the multi-domain use of cyberattacks. Recently, plans purportedly developed by units within Iran’s Islamic Revolutionary Guard Corps leaked to a British reporter described various cyberattack strategies for cargo ships, building HVAC systems, and fuel pumps manufactured in the U.S. and sold worldwide.

Attacks may occur unnoticed, with bad actors lying dormant within systems for an extended time period. The nature of an attack may change over time, in that an intrusion may progress to an intelligence-gathering operation and data theft, before escalating into a denial-of-service or ransomware attack.

Determining attribution for an attack is difficult. The use by cyber actors of Virtual Private Networks (VPNs), leased server infrastructure, and the cross-border nature of the internet complicate attribution efforts. Intelligence services can be reluctant to publicly disclose sensitive techniques and classified information in order to explain attribution conclusions. Additionally, public prosecution of these malicious actors may risk disclosure of investigative techniques, particularly in national security investigations. Complicating the matter further, cyber-criminal organizations frequently operate from countries unwilling to arrest and extradite malicious actors to the United States. As a result, there appears to be limited consequences levied on adversaries for intrusion or intelligence-gathering activities.

U.S. House of Representatives 2012 hearing “AMERICA IS UNDER CYBER ATTACK: WHY URGENT ACTION IS NEEDED” & Frank Spellman on Energy Infrastructure Protection and Homeland security.

Almost every aspect of American life depends on electricity—from producing goods to saving lives, from defending the country to conducting electronic banking and commerce, from simple communications to feeding our families safely.

It could take 1 to 2 years before the grid could be brought back up if transformers were damaged.

There are lots of potential targets.   Our power grid has 6,413 power plants that produces 1,075 gigawatts, which moves from power plants to 143 million customers via 203,9300 miles of high-voltage AC transmission lines & 6,222 miles of high-voltage DC transmission lines, thousands of substations, and millions of miles of lower-voltage distribution lines.

If we link the entire grid to people’s homes that makes the entire grid vulnerable to hackers.  Smart meters are vulnerable to computer worms that could spread over wide areas, turnoff off smart meters as they went — hackers could bring down the entire grid, according to Mike Davis of IOActive, a Seattle security company.

Scenario 1

Imagine that cyber criminals have been gaining access to various parts of the power grid for years. They have infiltrated enough systems to make it possible to knock out power for the entire Northeast grid. They launch an attack in winter and power goes down throughout the area. Not only do people lose heat, light, refrigeration, cooking facilities, communication, and entertainment, but the systems that pump our water from reservoirs—and those that purify the water in the reservoirs—are affected. No potable water, perhaps no water at all, and no capacities for managing sewage.

Even if stores have back-up generators, they cannot order the inventory because their systems are electronic. Banking comes to a halt because funds can no longer move electronically. Gas stations can no longer sell gasoline. Commerce effectively ends because order fulfillment systems are down, payment systems are down, and communication is down. Those consumers with phone service through the internet— including those triple play plans offered by major providers—are out of luck because their service is no longer over the traditional land-line telephone network. Hospitals and medical centers, which might also have independent generators, can care for only the most critical patients, as they cannot check on patients’ insurance status or connect with the outside world electronically. While many of these sectors have emergency back-up systems to enable them to maintain operations during a power failure, those back-up systems are meant to be temporary—not long-term.

Yet the systems used to manage our electricity, the supervisory control and data acquisition, or SCADA systems, are antiquated, running on commonly available operating systems, and with their design having changed little since their introduction decades ago. They were never designed or built securely, and they certainly were not meant to be connected to the internet. And even today, we find that many electric companies still use vendor-supplied default passwords because they allow easy access in times of crisis or for maintenance and repair.

A report by CSIS and McAfee interviewing executives in the energy and power sector found that a large majority of them had reported cyber attacks, and about 55% of these attacks targeted SCADA. In 2009, nearly half of the respondents said that they had never faced large-scale denial of service attacks or network infiltrations. By 2010, those numbers had changed dramatically; 80 percent had faced a large-scale denial-of-service attack, and 85 percent had experienced network infiltrations. Meanwhile, a quarter of the interviewees reported daily or weekly denial-ofservice attacks on a large scale. A similar number reported that they had been the victim of extortion through network attacks or the threat of network attacks. Nearly two-thirds reported they frequently (at least monthly) found malware designed for sabotage on their system.

Attacks on systems like SCADA can give hackers direct control of operational systems, creating the potential for large-scale power outages or man-made environmental disasters. Yet in the United States, many companies have not adopted security measures for their SCADA systems, and many report their SCADA systems connected to IP networks or the internet, making these systems even more susceptible to attacks.

What happens when there are multiple, simultaneous failures or system manipulations in the electric grid? Industry experts acknowledge that the grid is not currently equipped to handle this situation.

Scenario 2 (developed by the National Institute of Standards and Technology)

Using simple computer programs that dial consecutive phone numbers looking for modems, an adversary finds modems connected to programmable breakers of the electric power transmission control systems, then crack the passwords that control access to the breakers and change the control settings to cause local power outages and damage equipment. The adversary lowers the settings from 500 amps to 200 amps on some circuit breakers, taking those lines out of service, and then diverts power to neighboring lines, at the same time raising the settings on the neighboring lines to 900 amps which prevents the circuit breakers from tripping, and overloading the lines.

This causes significant damage to transformers and other critical equipment, resulting in lengthy repair outages.

This is not a particularly sophisticated attack and it can be carried out remotely by anybody with anonymity. The harm it could cause will be far beyond the disruption of service and the loss of data. When you can successfully disable a portion of the power grid, you can generate cascading consequences.

When transformers fail, so too will water distribution, waste management, transportation, communications, and many emergency Government services. People who take medicines that require refrigeration will quickly face the prospect of going without those drugs. Given the average of a 12-month lead that is required to replace a damaged transformer today with a new one if we had a mass damage of that scale in a local regional level, the economic and societal disruption would be enormous.

In February 2011, media reports stated that computer hackers had broken into and stolen proprietary information worth millions of dollars from the networks of six U.S. and European energy companies.

In August 2006, two circulation pumps at Unit 3 of the Browns Ferry, Alabama, nuclear power plant failed, forcing the unit to be shut down manually. The failure of the pumps was traced to excessive traffic on the control system network, possibly caused by the failure of another control system device.

In March 2012, it was reported that a security breach at Global Payments, a firm that processed payments for Visa and Mastercard, could compromise the credit- and debit-card information of millions of Americans. Subsequent to the reported breach, the company’s stock fell more than 9 percent before trading in its stock was halted. Visa also removed the company from its list of approved processors.

In June 2011, a major bank reported that hackers had broken into its systems and gained access to the personal information of hundreds of thousands of customers. Through the bank’s on-line banking system, the attackers were able to view certain private customer information.

Citi reissued over 200,000 cards after a May 2011 website breach. About 360,000 of its approximately 23.5 million North American card accounts were affected, resulting in the potential for misuse of cardholder personal information.

In April 2012, hackers breached a server at the Utah Department of Health to access thousands of Medicaid records. Included in the breach were Medicaid recipients and clients of the Children’s Health Insurance Plan. About 280,000 people had their Social Security numbers exposed. In addition, another 350,000 people listed in the eligibility inquiries may have had other sensitive data stolen, including names, birth dates, and addresses.

In March 2012, it was reported that Blue Cross Blue Shield of Tennessee paid out a settlement of $1.5 million to the U.S. Department of Health and Human Services arising from potential violations stemming from the theft of 57 unencrypted computer hard drives that contained protected health information of over 1 million individuals.

November 2011. A foreign cyberattack on the computer control systems of an Illinois water utility system burned out a water pump. The attack may be the first known attempt to successfully destroy a piece of critical US infrastructure, say industrial control-system experts. Hackers may have also stolen passwords and other information needed to gain access to many more water utility control systems across the United States. An analysis of the Illinois water utility company’s computer logs indicates the attack came from the Internet address of a computer in Russia(Clayton 2011).

March 2011. Canadian researchers identified 1,295 computers in 103 countries infected by spyware and operated by someone as a “GhostNet” or cyberspy network. In each case, a Trojan program was downloaded that allowed the attackers control of the computers traceable, the report said, to “commercial Internet accounts on the island of Hainan,” which is the home of the Chinese Army’s intelligence facility (Clayton 2011).

2011: Hackers, possibly operating from China, stole access data from RSA Security Solutions, which provides secure remote computer access to defense contractors and government agencies. Some companies that used RSA devices were later hacked using the stolen information (Clayton 2011).

July 2009. Denial of service (DDoS) attacks against 20 government and business internet sites, including amazon.com, Yahoo!, the White House, Departments of state, justice, defense, and the White house

January 2008. Senior CIA analyst Tom Donahue told U.S. and European power-company engineers that extortionists had hacked into utilities in multiple regions outside the United States and disrupted power equipment. “In at least one case the disruption caused a power outage affecting multiple cities.” The CIA has been highly secretive about the incident, and Donahue would not discuss where the blackouts occurred or what companies were affected. But he admitted that the CIA had no idea who had perpetrated the attacks. Hackers had shaken down a public utility, it seems, and had gotten away with it (Derene).

2008. At least three US oil companies were the target of a series of previously undisclosed cyberattacks that may have originated in China and that experts say highlight a new level of sophistication in the growing global war of Internet espionage. The oil and gas industry breaches, the mere existence of which has been a closely guarded secret of oil companies and federal authorities, were focused on one of the crown jewels of the industry: valuable “bid data” detailing the quantity, value, and location of oil discoveries worldwide, sources familiar with the attacks say and documents obtained by the Monitor show.  The companies – Marathon Oil, ExxonMobil, and ConocoPhillips – didn’t realize the full extent of the attacks, which occurred in 2008, until the FBI alerted them that year and in early 2009. The new type of attack involves custom-made spyware that is virtually undetectable by antivirus and other electronic defenses traditionally used by corporations. Experts say the new cyberburglary tools pose a serious threat to corporate America and the long-term competitiveness of the nation. “You can’t get rid of this attacker very easily. It doesn’t work like a normal virus. We’ve never seen anything this clever, this tenacious.” (Clayton 2010)

2008. An estimated $1 trillion in intellectual property was stolen worldwide through cyberspace in 2008, according to a study last year by the antivirus company McAfee (Clayton 2011).

2008. Hackers lifted customer files from the Royal Bank of Scotland and used them to withdraw $9 million in half an hour from ATMs in the United States, Britain, and Canada.

In 2007, a senior Central Intelligence Agency official, Tom Donahue, told a meeting of utility company representatives in New Orleans that a cyberattack had taken out power equipment in multiple regions outside the U.S. The outage was followed with extortion demands, he said (Gorman).

In 2007 a video leaked out of the Department of Homeland Security that showed an experiment where a massive diesel generator shakes violently and belches smoke as it goes into total meltdown to demonstrate how a cyber attack could cripple big, essential machines. When the video hit CNN, it alarmed many in the utilities industry. How it was done is a secret, but basically it was done by intercepting all traffic between two other computers, controlling the line of communication between them.  This is a vulnerability common to many conntrol systems that support critical infrastructure (Derene).

In August 2006, a glitch shut down the Browns Ferry nuclear power plant in northern Alabama. Plant administrators lost control of recirculation pumps on one of the plant’s reactors because of excessive data traffic on the control-system network. The plant was forced to go offline temporarily.  Nuclear plants are designed to shut down in the event of major malfunctions to prevent a Chernobyl-style catastrophe. But they also generate almost 20 percent of U.S. power. What if a hacker exploited a coding error in a cooling system to shut down a sizable piece of the nation’s power supply? (Derene)

In a 2006 U.S. government experiment, hackers were able to remotely destroy a 27-ton, $1-million electric generator similar to the kind commonly used on the nation’s power grid. A video shows it spinning out of control until it shuts down.

In 2000, a disgruntled employee rigged a computerized control system at a water-treatment plant in Australia, releasing more than 200,000 gallons of sewage into parks, rivers and the grounds of a Hyatt hotel (Gorman)

In June 1999, in Bellingham, Wash., shortly before a routine delivery of gasoline by the Olympic Pipe Line Co., a worker updated a database for the company’s pipeline computer-control system. According to a report by the National Transportation Safety Board, a simple typo in the database caused the system to fail, disabling remote control for the pipeline’s operators, 98 miles away in Renton, Wash. Pressure began to build in the line, so the operator issued a command to open a secondary pump to relieve it, but the system was unresponsive. A weak point in the pipeline ruptured, releasing 237,000 gal of gasoline into nearby Whatcom Creek. An hour and a half later, the gasoline ignited. The ensuing fireball scorched more than a mile of riverbank, killing three people, including two 10-year-old boys, and damaged the city’s water-treatment facility (Derene).

Andreasson, Kim.  2011. Cybersecurity: Public Sector Threats and Responses

Clarke, Richard. 2012. Cyber War: The Next Threat to National Security and What to Do About It

Clayton, Mark. 25 Jan 2010. US oil industry hit by cyberattacks: Was China involved? Breaches show how sophisticated industrial espionage is becoming. Christian Science Monitor.

Clayton, Mark. 18 Nov 2011. Cyberattack on Illinois water utility may confirm Stuxnet warnings. A state report claims that a foreign cyberattack disabled a water pump at an Illinois water utility. After discovery of the Stuxnet cyberweapon a year ago, many experts predicted that cyberattacks on US infrastructure were imminent. Christian Science Monitor.

Derene, Glenn. 1 Oct 2009. How Vulnerable is U.S. Infrastructure to a Major Cyber Attack? Popular Mechanics.

Gorman, Siobhan. 8 Apr 2009. Electricity Grid in U.S. Penetrated By Spies. Wall Street Journal.

Kramer, Franklin. 2009.  Cyberpower and National Security (National Defense University)

Gorman S (2009) Electricity Grid in U.S. Penetrated By Spies.  Wall Street Journal.

Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”

Officials said water, sewage and other infrastructure systems also were at risk.

“Over the past several years, we have seen cyberattacks against critical infrastructures abroad, and many of our own infrastructures are as vulnerable as their foreign counterparts,” Director of National Intelligence Dennis Blair recently told lawmakers. “A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure.”

 Delacourt (2022) references

“A Guide to a Critical Infrastructure Security and Resilience – November 2019.” Publications. Cybersecurity & Infrastructure Security Agency, 2019. https://www.cisa.gov/sites/default/files/publications/Guide-Critical-Infrastructure-Security-Resilience-110819-508v2.pdf.

Bommakanti, Kartik. “Chinese Cyber Escalation Against India’s Electricity Grid Amidst the Boundary Crisis.” Expert Speak: Warfare. Observer Research Foundation, March 10, 2021. https://www.orfonline.org/expert-speak/chinese-cyber-escalatio-india-electricity-grid-boundary-crisis/.

Connell, Michael, and Sarah Vogler. “Russia’s Approach to Cyber Warfare.” CNA Analysis and Solutions, March 2017, 1–30. https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf.

“Cyber Attack – What Are Common Cyberthreats?” Products & Services: Security. Cisco Systems, Inc., February 19, 2021. https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html.

Haynes, Deborah. “Iran’s Secret Cyber Files on How Cargo Ships and Petrol Stations Could Be Attacked.” Sky News. Sky UK, July 27, 2021. https://news.sky.com/story/irans-secret-cyber-files-on-how-cargo-ships-and-petrol-stations-could-be-attacked-12364871.

Holland, Steve, and Doina Chiacu. “U.S. and Allies Accuse China of Global Hacking Spree.” Reuters. Thomson Reuters, July 20, 2021. https://www.reuters.com/technology/us-allies-accuse-china-global-cyber-hacking-campaign-2021-07-19/.

“How to Break the Cyber Attack Lifecycle.” Cyberpedia. Palo Alto Networks, 2021. https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle.

Izycki, Eduardo, and Eduardo Wallier Vianna. “Critical Infrastructure: A Battlefield for Cyber Warfare?” International Conference on Cyber Warfare and Security (ICCWS), February 26, 2021. https://www.academia.edu/48210931/Critical_Infrastructure_A_Battlefield_for_Cyber_Warfare.

Lee, Jane. “U.S. Dials Back Probe of Chinese Scientists on Visa Fraud Charges.” Reuters. Thomson Reuters, July 24, 2021. https://www.reuters.com/world/us/us-seeks-dismiss-charges-visa-fraud-cases-chinese-researchers-2021-07-23/.

Polityuk, Pavel. “Ukraine Sees Russian Hand in Cyber Attacks on Power Grid.” Industrials. Thomson Reuters, February 12, 2016. https://www.reuters.com/article/us-ukraine-%20cybersecurity-idUSKCN0VL18E.

“Presidential Policy Directive (PPD-21) — Critical Infrastructure Security and Resilience.” Briefing Room: Statements & Releases. National Archives and Records Administration, February 12, 2013. https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil.

Rinaldi, Steven M., James P. Peerenboom, and Terrence K. Kelly. “Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies.” IEEE Control Systems 21, no. 6 (December 2001): 11–25. https://doi.org/10.1109/37.969131.

Tucker, Eric, and Aamer Madhani. “US Expels Russian Diplomats, Imposes Sanctions for Hacking.” AP NEWS. Associated Press, April 16, 2021. https://apnews.com/article/joe-biden-ap-top-news-moscow-coronavirus-pandemic-elections-4c368f4734d5d1c5938645aa09641c79.

Tucker, Eric. “Microsoft Exchange Hack Caused by China, US and Allies Say.” AP NEWS. Associated Press, July 19, 2021. https://apnews.com/article/microsoft-exchange-hack-biden-china-d533f5361cbc3374fdea58d3fb059f35.

White, Edward, and Stephanie Findlay. “India Confirms Cyber Attack on Nuclear Power Plant.” Financial Times. FT Group, October 31, 2019. https://www.ft.com/content/e43a5084-fbbb-11e9-a354-36acbbb0d9b6.

[1] “A Guide to a Critical Infrastructure Security and Resilience – November 2019,” Publications (Cybersecurity & Infrastructure Security Agency, 2019), https://www.cisa.gov/sites/default/files/publications/Guide-Critical-Infrastructure-Security-Resilience-110819-508v2.pdf.

[2] “How to Break the Cyber Attack Lifecycle,” Cyberpedia (Palo Alto Networks, 2021), https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle.

[3] “How to Break the Cyber Attack Lifecycle,” Cyberpedia (Palo Alto Networks, 2021), https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle.; Michael Connell and Sarah Vogler, “Russia’s Approach to Cyber Warfare,” CNA Analysis and Solutions, March 2017, pp. 1-30, https://doi.org/https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf.

[4] “Cyber Attack – What Are Common Cyberthreats?” Products & Services: Security (Cisco Systems, Inc., February 19, 2021), https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html.

[5] “Presidential Policy Directive (PPD-21) — Critical Infrastructure Security and Resilience,” Briefing Room: Statements & Releases (National Archives and Records Administration, February 12, 2013), https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil.

[6] Critical Infrastructure Threat Information Sharing Framework: A Reference Guide for the Critical Infrastructure Community, https://www.cisa.gov/sites/default/files/publications/ci-threat-information-sharing-framework-508.pdf

[7] Steven M. Rinaldi, James P. Peerenboom, and Terrence K. Kelly, “Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies,” IEEE Control Systems 21, no. 6 (December 2001): pp. 11-25, https://doi.org/10.1109/37.969131.

[8] Michael Connell and Sarah Vogler, “Russia’s Approach to Cyber Warfare,” CNA Analysis and Solutions, March 2017, pp. 1-30, https://doi.org/https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf.

[9] ______, “Russia’s Approach to Cyber Warfare,” CNA Analysis and Solutions, March 2017, pp. 1-30, https://doi.org/https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf.

[10] Pavel Polityuk, “Ukraine Sees Russian Hand in Cyber Attacks on Power Grid,” Industrials (Thomson Reuters, February 12, 2016), https://www.reuters.com/article/us-ukraine-%20cybersecurity-idUSKCN0VL18E.

[11] Kartik Bommakanti, “Chinese Cyber Escalation Against India’s Electricity Grid Amidst the Boundary Crisis,” Expert Speak: Warfare (Observer Research Foundation, March 10, 2021), https://www.orfonline.org/expert-speak/chinese-cyber-escalatio-india-electricity-grid-boundary-crisis/.

[12] Eduardo Izycki and Eduardo Wallier Vianna, “Critical Infrastructure: A Battlefield for Cyber Warfare?” International Conference on Cyber Warfare and Security (ICCWS), February 26, 2021, https://www.academia.edu/48210931/Critical_Infrastructure_A_Battlefield_for_Cyber_Warfare. Critical Infrastructure: A Battlefield for Cyber Warfare?

[13] Eduardo Izycki and Eduardo Wallier Vianna, “Critical Infrastructure: A Battlefield for Cyber Warfare?” International Conference on Cyber Warfare and Security (ICCWS), February 26, 2021, https://www.academia.edu/48210931/Critical_Infrastructure_A_Battlefield_for_Cyber_Warfare. Critical Infrastructure: A Battlefield for Cyber Warfare?

[14] Steven M. Rinaldi, James P. Peerenboom, and Terrence K. Kelly, “Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies,” IEEE Control Systems 21, no. 6 (December 2001): pp. 11-25, https://doi.org/10.1109/37.969131.

[15] Steven M. Rinaldi, James P. Peerenboom, and Terrence K. Kelly, “Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies,” IEEE Control Systems 21, no. 6 (December 2001): pp. 11-25, https://doi.org/10.1109/37.969131.

[16] Deborah Haynes, “Iran’s Secret Cyber Files on How Cargo Ships and Petrol Stations Could Be Attacked,” Sky News (Sky UK, July 27, 2021), https://news.sky.com/story/irans-secret-cyber-files-on-how-cargo-ships-and-petrol-stations-could-be-attacked-12364871.

[17] Michael Connell and Sarah Vogler, “Russia’s Approach to Cyber Warfare,” CNA Analysis and Solutions, March 2017, pp. 1-30, https://doi.org/https://www.cna.org/cna_files/pdf/DOP-2016-U-014231-1Rev.pdf; Edward White and Stephanie Findlay, “India Confirms Cyber Attack on Nuclear Power Plant,” Financial Times (FT Group, October 31, 2019), https://www.ft.com/content/e43a5084-fbbb-11e9-a354-36acbbb0d9b6.

[18] Steve Holland and Doina Chiacu, “U.S. and Allies Accuse China of Global Hacking Spree,” Reuters (Thomson Reuters, July 20, 2021), https://www.reuters.com/technology/us-allies-accuse-china-global-cyber-hacking-campaign-2021-07-19/; Jane Lee, “U.S. Dials Back Probe of Chinese Scientists on Visa Fraud Charges,” Reuters (Thomson Reuters, July 24, 2021), https://www.reuters.com/world/us/us-seeks-dismiss-charges-visa-fraud-cases-chinese-researchers-2021-07-23/; Eric Tucker, “Microsoft Exchange Hack Caused by China, US and Allies Say,” AP NEWS (Associated Press, July 19, 2021), https://apnews.com/article/microsoft-exchange-hack-biden-china-d533f5361cbc3374fdea58d3fb059f35; Eric Tucker and Aamer Madhani, “US Expels Russian Diplomats, Imposes Sanctions for Hacking,” AP NEWS (Associated Press, April 16, 2021), https://apnews.com/article/joe-biden-ap-top-news-moscow-coronavirus-pandemic-elections-4c368f4734d5d1c5938645aa09641c79.

[19] Steven M. Rinaldi, James P. Peerenboom, and Terrence K. Kelly, “Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies,” IEEE Control Systems 21, no. 6 (December 2001): pp. 11-25, https://doi.org/10.1109/37.969131; “Presidential Policy Directive (PPD-21) — Critical Infrastructure Security and Resilience,” Briefing Room: Statements & Releases (National Archives and Records Administration, February 12, 2013), https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil