"Anonymous" and the threat of war between Russia and China

According to reports, Gen. Keith Alexander, the head of the NSA, recently briefed the President on a possible attack on the US power grid by the hacker collective 'Anonymous'.

These reports have been taken as an excuse for ridicule of purported 'fear-mongering', apparently on the basis that those Anonymous types must be good guys; they tell us so.

I don't work for the NSA but I have worked in the civil field for twenty years and I know quite a bit about the way the NSA works. The idea that Alexander would give a warning limited to attacks by Anonymous is nonsense. Hacktivism has been a factor in information security for decades. The real development in recent years has been the emergence of attacks by state actors and their proxies.

Iran believes (and not without cause) that the US was behind the Stuxnet attack on their uranium enrichment plant. It does not take much imagination to think that they might attempt retaliation. Nor is Anonymous the only hacktivist group in existence. There are hundreds, thousands of similar groups around the world.

The underlying problem here, which nobody disputes, is that the US power system is vulnerable to cyber attack. The network protocols used in process control systems have not changed since they were developed in the late 1970s and none of them have security controls built in. This is worrying enough if you want to use a PID controller to cook your dinner sous-vide: an attacker can now reprogram your set point temperature and give you botulism. But the exact same systems are in use in power plants round the country, including nuclear plants.

The possibility of a successful attack against the power grid is not in serious dispute; what is open for debate is the extent of the likely consequences.

According to one school of thought, an attack on the power system would lead to the collapse of civilization within three months. I have been in meetings where the argument has been made that the response to an attack on the power grid should be to suspend the constitution and declare martial law. My view is that, like J. Edgar Hoover, such people are a greater threat to the republic than the enemies they purport to protect us against.

A more realistic assessment of the likely consequences would be that they are serious but the risk of over-reaction is even more so. The actual consequences of 9/11 were bad but the consequences of the Bush administration response were far worse. A cascade outage in the power system could kill hundreds of people but using the event as a pretext to declare martial law would lead to civil war.

Another view, one that I think is under-considered in US policy circles, is the possibility that the real threat to the US might come from an attack on the power system in another country.

Take China for example. The possibility of a war between the US and China is very remote because the two countries are far apart and there is really no incentive for either to get into a territorial dispute with the other. China understands the US position on Taiwan just as the US understands the Chinese position on North Korea. The chance of either leading to war is as remote as the possibility of the UK going to war with Spain over Gibraltar.

The possibility of war between China and Russia is much less remote and such a war would be a global catastrophe. Part of the legacy of the collapse of the Soviet Union is the tangle of remnant states bordering the Black Sea and the Caspian Sea that are largely unfamiliar to us. Zbigniew Brzezinski, National Security Advisor under Carter, has called this region the Global Balkans. It is an apt name for an area that, like the former Yugoslavia, has yet to properly complete the transition from the Soviet system and where ethnic rivalries are stoked for political ends. Some of the ethnic groups are Russian, others are Han Chinese. There is a real risk that some crisis in the Global Balkans might lead to Russian or Chinese intervention and possibly war between Russia and China.

One possible scenario for such a conflict is that Russia (or China if you prefer) decides it must intervene and launches a 'digital Pearl Harbor' attack against China to ensure that it is otherwise occupied. Like the US power system, the Chinese power system uses 1970s control protocols such as MODBUS which lack security controls like authenticating the source of command signals. Unlike the US, China is in no position to fix this problem, having relied on copied and stolen technology for decades.
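The missing source authentication described here, and in the earlier paragraph on process control protocols, can be seen in the frame layout itself. The following is an added example, not part of the original post: a Modbus/TCP request parser plus a monitoring check that flags write commands from hosts outside an allowlist. The sample frames, IP addresses and allowlist are constructed for illustration.

```python
import struct
from typing import Optional

# Modbus function codes that change device state (from the public Modbus spec).
WRITE_FUNCTIONS = {0x05: "Write Single Coil", 0x06: "Write Single Register",
                   0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers"}

# Constructed sample frames and allowlist (not captured traffic).
WRITE_SETPOINT = bytes.fromhex("000100000006010600100050")  # FC 0x06
READ_REGS = bytes.fromhex("000200000006010300100001")       # FC 0x03
ALLOWED_WRITERS = {"10.0.0.5"}  # hypothetical engineering workstation

def parse_adu(frame: bytes) -> dict:
    """Parse a Modbus/TCP request: 7-byte MBAP header, function code, data."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    txn_id, proto_id, length, unit_id, func = struct.unpack(">HHHBB", frame[:8])
    if proto_id != 0:
        raise ValueError("protocol identifier must be 0 for Modbus")
    if length != len(frame) - 6:  # length counts the unit id and the PDU
        raise ValueError("MBAP length field does not match frame size")
    # These are all the fields there are: no sender identity, key or MAC.
    return {"txn_id": txn_id, "unit_id": unit_id, "function": func,
            "data": frame[8:]}

def audit(src_ip: str, frame: bytes, allowed_writers: set) -> Optional[str]:
    """Return an alert for a write request from a non-allowlisted source.

    This is a network-layer compensating control; the protocol itself still
    accepts any well-formed request.
    """
    try:
        adu = parse_adu(frame)
    except ValueError as exc:
        return f"ALERT malformed frame from {src_ip}: {exc}"
    name = WRITE_FUNCTIONS.get(adu["function"])
    if name is None or src_ip in allowed_writers:
        return None
    detail = ""
    if adu["function"] == 0x06 and len(adu["data"]) == 4:
        addr, value = struct.unpack(">HH", adu["data"])
        detail = f" register={addr} value={value}"
    return f"ALERT {name} to unit {adu['unit_id']} from {src_ip}{detail}"

if __name__ == "__main__":
    for ip, frame in [("10.0.0.5", WRITE_SETPOINT), ("10.0.0.99", WRITE_SETPOINT),
                      ("10.0.0.99", READ_REGS)]:
        print(ip, audit(ip, frame, ALLOWED_WRITERS))
```
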

Why is this a problem for the US? Well, first, a war between Russia and China would be a global catastrophe and could even lead to a world war. But also, if you are a Chinese strategist facing this particular problem your security options are rather limited. There is really no time to develop the necessary engineering design skills and then apply them to a new generation of control systems infrastructure which might be deployable in 2030 or so. If I was facing that particular problem I would take a completely different approach and seek to turn my problem into someone else's problem. For example, by hacking the US and Western countries' power systems, forcing them to come up with technology that I could then steal and apply to my own infrastructure.

In conclusion, this is precisely the type of security issue that I would want security advisors such as Alexander to be thinking about and discussing with the President because that reduces the risk of the type of panicked reaction that led to disaster under the Bush administration.

