A recent story aired by BBC “How France's TV5 was almost destroyed by 'Russian hackers'” reported that on April 8, 2016, the premiere date of a new broadcast channel of TV5Monde, a French network, was disrupted by a destructive Russian cyberattack targeting “the Internet-connected hardware that controlled the TV station's operations, such as the encoder systems used to transmit program.” The story then noted that:
It was a race against time - more systems were corrupted with every passing minute. Any substantial delay would have led satellite distribution channels to cancel their contracts, placing the entire company in jeopardy.
In other words, it was customers cancelling contracts that was the ultimate threat to the company. This particular story thus indicates the value of destructive cyberattacks in prompting or instigating large scale reaction that can amplify by many times the effect of any given attack.
An interesting question arises – did the attackers know in advance that their attack would place the very economic survival of the company at risk? Or had they “merely” intended wreak havoc that they expected would have only short term effects? Was the existential nature of threat to the company just fortuitous from their perspective?
If the first (they knew in advance), it seems like an exercise in predicting second-order effects – only this time, the second-order effects that are psychological, legal, and economic in nature, rather than technical, and are not necessarily smaller because they are second order. That’s a significant expansion of the space that planners of an attack must account for – and defenders too.
Of course, this isn’t the only example of the harness-and-amplify characteristic of cyberattack as a destructive instrument. Fresh in our consciousness is the Russian recent hack on U.S. election infrastructure. In this hack, the actual cyberattacks were pretty trivial—purloined emails. But the selective leaking of these emails to legal (if shady) distribution channels such as Wikileaks had enormous impact on the election, and the leaking was inspired by a deep understanding that in today’s fact-free political environment, such channels would amplify the noise and confusion already surrounding the election campaign. A trivial technical hack, but an enormously significant political hack.
It’s a new world, and we need to develop new tools for understanding and dealing with this kind of threat.