<div dir="ltr"><a href="http://www.kogonuso.com/2017/01/whos-winning-cyber-war-squirrels-of.html">http://www.kogonuso.com/2017/01/whos-winning-cyber-war-squirrels-of.html</a><br><br>For years, the government and
security experts have warned of the looming threat of "cyberwar" against
critical infrastructure in the US and elsewhere. Predictions of cyber
attacks wreaking havoc on power grids, financial systems, and other
fundamental parts of nations' fabric have been foretold repeatedly over
the past two decades, and each round has become more dire. The US
Department of Energy declared in its <a href="https://energy.gov/sites/prod/files/2017/01/f34/Transforming%20the%20Nation%27s%20Electricity%20System-The%20Second%20Installment%20of%20the%20Quadrennial%20Energy%20Review--%20Full%20Report.pdf"><span class="gmail-text-node">Quadrennial Energy Review</span></a>, just released this month, that the electrical grid in the US "faces imminent danger from a cyber attack."
<div class="gmail-added-to-list1">
<br>So far, however, the damage done by cyber
attacks, both real (Stuxnet's destruction of Iranian uranium enrichment
centrifuges and a few brief power outages alleged to have been caused by
Russian hackers using BlackEnergy malware) and imagined or exaggerated
(the <a href="http://arstechnica.com/security/2016/03/dam-you-justice-dept-to-indict-iranians-for-probing-flood-control-network/"><span class="gmail-text-node">Iranian "attack" on a broken flood control dam in Rye, New York)</span></a>, cannot begin to measure up to an even more significant cyber-threat—squirrels.</div>
<div class="gmail-added-to-list1">
<br>That was the message delivered at the Shmoocon
security conference on Friday by Cris "SpaceRogue" Thomas, former
member of the L0pht Heavy Industries hacking collective and now a
security researcher at Tenable. In his presentation—entitled, "35 Years
of Cyberwar: The Squirrels Are Winning"—SpaceRogue revealed the scale of
the squirrelly threat to worldwide critical infrastructure by
presenting data gathered by CyberSquirrel 1, a project that gathers
information on animal-induced infrastructure outages collected from
sources on the Internet.</div>
<figure class="gmail-video"><div class="gmail-wrapper gmail-added-to-list1" id="gmail-">
</div><figcaption class="gmail-caption"><div class="gmail-caption-text gmail-added-to-list1" id="gmail-">SpaceRogue explains why it's all about the squirrels.</div></figcaption><figcaption class="gmail-caption">
</figcaption></figure>
<div class="gmail-added-to-list1">
Thomas sought to dispel what he called the
"FUD" around cyber-attacks on critical infrastructure, citing dire
predictions from a number of sources, including "the pre-eminent infosec
expert <a href="http://tedkoppellightsout.com/"><span class="gmail-text-node">Ted Koppel</span></a>" (whose recent book, <em>Lights Out</em>,
focuses on the vulnerability of the power grid). And with government
officials such as the Federal Energy Regulatory Commission Chairman
Cheryl LaFleur declaring that "one [successful cyber attack] is too
many," SpaceRogue likened the government's posture to the Cheney
Doctrine, also known as the "<a href="http://ronsuskind.com/books/the-one-percent-doctrine/"><span class="gmail-text-node">One-Percent Doctrine</span></a>."
As Thomas explained, that doctrine is "if there's a one percent chance
of something occurring, we must employ 100 percent of our resources to
prevent it. This is essentially [what happened with] Iraq, and we're now
applying it to cyber and equating cyber to nukes and [mutual assured
destruction]. It really doesn't work that way."</div>
<div class="gmail-added-to-list1">
That sort of stance is made even more
unnerving by the fact that many of the cases where "cyber" has been
attributed to incidents with energy infrastructure turned out to be
false alarms. <br><br>Even in the few cases where a network intrusion resulted
in disruption of the electrical grid—specifically in Ukraine, where two
attacks caused power outages—the impact was relatively brief and was
comparable to outages caused by other factors, Thomas noted.</div>
<div class="gmail-added-to-list1">
To "counteract the ludicrousness of cyberwar
claims by people at high levels in government and industry," Thomas
said, he launched CyberSquirrel1. Inspired by a <a href="https://jerichoattrition.wordpress.com/2013/09/02/10-greatest-squirrel-attacks-of-all-time/"><span class="gmail-text-node">presentation</span></a>
at Thotcon by Josh Corman (now the director for Cyber Statecraft at the
Atlantic Council) and Jericho of Attrition.org, SpaceRogue
started CyberSquirrel1 initially as a Twitter feed on March 19, 2013.
The account simply "collected from a Google alert for news," he said.
But it soon evolved into a much larger data gathering effort, collecting
from search engines and other Web sources to populate a spreadsheet.
Jericho joined in to enhance the data set the next year, adding more
details and events—but even so, Thomas noted that he was only catching a
fraction.</div>
<div class="gmail-added-to-list1">
<br>Squirrels are not the only "actors" tracked by
CyberSquirrel1—birds, snakes, raccoons, rats, and martens factor
in among the top animal threats that have been captured by the project's
spreadsheet. Jellyfish have even gotten into the act, <a href="https://www.theguardian.com/world/2013/oct/01/jellyfish-clog-swedish-nuclear-reactor-shutdown"><span class="gmail-text-node">shutting down a nuclear power plant in 2013</span></a>. CyberSquirrel1's
data so far has tracked "over 1,700 outages, affecting nearly 5 million
people," Thomas noted. "If you consolidated them into one location, it
would basically take out the power for the San Francisco metropolitan
area for two months." Shockingly, there have even been eight deaths
attributed since the tracking began to follow animal attacks on
infrastructure—six caused by squirrels downing power lines that struck
people on the ground. </div>
<div class="gmail-added-to-list1">
</div>
<div class="gmail-added-to-list1">
<br>As of January 8, even if you count the Ukraine
attacks still not firmly attributed to Russia, even frogs (with three
outages) have more successful attacks on power grids than state actors.
Squirrels worldwide, however, are the clear cyberwar leaders: 879
successful attacks against infrastructure. There's also that <a href="http://metro.co.uk/2017/01/13/swan-holds-up-train-by-waddling-on-the-track-for-two-miles-6380202/"><span class="gmail-text-node">swan that performed the denial of service attack on a train</span></a> in the UK on Friday, January 13—truly showing the breadth of the animal kingdom's toolbox.</div>
</div>