The Silent Threat: Cyber attacks on the global supply chain
February 23, 2014
High-value cyberspace attacks can change the status quo. Whether they involve stealing the blueprints for a new aircraft design or disrupting the supply of electrical power, all of them have one weakness in common – the supply chain. Special analysis of today’s most dangerous cyber threat.
At the height of the Cold War, in June 1982, a US surveillance satellite spotted a substantial explosion in Siberia. A brief inquiry revealed that the source of the explosion picked up by the satellite was the new trans-Siberian gas pipeline the Soviets had laid in that region. A short while prior to that event, the KGB, the USSR’s Committee for State Security, had completed a sophisticated operation that seemed audacious even by the standards of the James Bond novels. The objective of that operation was to place a spy in a Canadian software company so as to obtain a management software system for the new gas pipeline.
The spy in question was not aware of the fact that the software he stole had been ‘modified’ by specialists of the CIA, the Central Intelligence Agency of the USA, who had inserted a few additional lines of code into the original software. The spy went back to the USSR with the software that was subsequently installed in the management systems of the new pipeline, and a short while later, that software led to the explosion that was picked up by the US satellite.
Thomas Reed, a senior official of USAF intelligence at the time, later described the result of the CIA operation as “the most monumental non-nuclear explosion and fire ever seen from space”. All of this was achieved without using even a single missile or a bomb – only by a few lines of program code.