The world should brace itself for more physically destructive hacks, two senior cybersecurity officials said Wednesday, warning that a more dangerous era of hacking was already upon us.
Paul Chichester, the director of operations at Britain's new National Cyber Security Center, told attendees at an event hosted by British defense think tank RUSI that electronic intrusions were on their way to becoming more “destructive, disruptive and coercive.”
“That will be our future,'' he told a crowd of officers, academics and industry experts gathered for a two-day symposium in central London.
Chichester was seconded by Air Force Lt. Gen. James K. McLaughlin, deputy commander at U.S. Cyber Command, who told attendees that infrastructure-wrecking attacks were being seen “right now in the environment.”
Neither official went into specifics about what they'd seen or why they felt the threat was intensifying, although McLaughlin invoked a cyberattack in Ukraine which knocked out three separate power distribution companies last year. The Dec. 23 incident, believed to have been pulled off by a team of hackers using stolen passwords, left 225,000 people without electricity, according to a U.S. Department of Homeland Security bulletin published two months later.
Cybersecurity experts long worried that hackers can hijack the vulnerable industrial control systems to wreak havoc in power plants, traffic systems, factories, dams or reservoirs. Still, publicly confirmed examples of real-world damage from hacking have — so far — been few and far between. The Ukrainian incident provided a rare and dramatic demonstration of the physical consequences of a well-organized cyberattack.
McLaughlin said there was now no doubt such hacks were possible.
“Three years ago these were just theoretical,” he said. “Now we see them. They're practically here in front of us.”