Cyber Security Expert: "Mass Casualties" Possible

Brian Hicks

Updated October 4, 2011

Picture this…

You’re working as a technician in a nuclear refinement facility buried deep underground.

Today is a day like any other, except in one respect: All hell is about to break loose.

As you strain beneath the weight of your heavy protective gear, surrounded by the whir of thousands of high-speed centrifuges, the spinning machines suddenly lose their steady rhythm and go wildly awry.

Alarms begin to sound as machines all around you start to spin out of control at 50,000 rpm…

When the dust clears, there is total chaos. Nearly a thousand machines within the facility literally rip themselves apart without warning.

You are alive — but barely. And in the blink of an eye, the place is now a smoking, contaminated ruin.

Sounds like an industrial nightmare, right?

If you were inside a certain top-secret Iranian nuclear plant last year, a strange malfunction suddenly became the sum of all fears.

The scariest part of the whole incident is that it wasn’t an accident at all; it was an attack specifically designed to thwart Iran’s growing nuclear ambitions. It wasn’t death from above, but death from within.

And while there were no bullets, bombs, or missiles, this attack managed to set Iran’s enrichment program back by as much as two or three years.

The Rise of the Digital Payload

This time, the battlefield was cyberspace; the warriors in the attack were an estimated 30 hackers sitting at computer terminals hundreds of miles from their target.

The assault was so effective — and at the same time, so covert and devious — that it remains unclear to this day who was responsible, though most clues point to Israel and the United States.

Carried out by an incredibly sophisticated computer virus called Stuxnet, this was the cyber security equivalent of a cruise missile.

Using a worm hole found within the Windows operating system, a network of hackers managed to infiltrate the plant beginning with something as innocuous as a thumb drive. From there, the virus spread to thousands of computers worldwide before finding its ultimate mark within the Iranian plant: a Siemens-built system that controlled the spinning of the centrifuges.

Once inside, it was only a matter of time before “the bomb” went off. Iran had no countermeasure to protect against it.

Stuxnet was one of the most brazen and damaging cyber attacks of all time. Unfortunately, it was merely the first shot fired.

In the 12 months since Stuxnet wreaked havoc in Iran, Lockheed Martin, Northrop Grumman, and the very heart of the U.S. Department of Defense — the Pentagon — have been targeted in similar attempts. Needless to say, these cyber attacks have national security implications that could one day lead to a full-scale war.

In fact, the U.S government takes these threats so seriously that the Department of Defense is prepared, based on the authority of the president, to launch either a cyber counterattack or an actual bombing of the source.

“It’s the president’s call,” said a senior Defense Department official recently. “We have to be able to respond.”

Meanwhile, according to a Government Accountability Office (GAO) report released yesterday, federal agencies are doing little to stem the tide of cyber attacks, which have increased from 5,503 in 2006 to 41,776 in 2010.

That’s a 650% increase in just five short years as the menace continues to multiply.

Digital Dirty Bombs

The German security expert who first discovered the existence of the Stuxnet virus says this was a calamity waiting to happen. He maintains we remain asleep at the cyber security switch.

A year later, expert Ralph Langner warns, “With every day cyber weapon technology proliferates, the understanding of how Stuxnet works spreads more and more. All the vulnerabilities exploited are still there. Nobody cares.”

“You don’t have to be a genius,” Langer says, “to create a program that works on a control system exactly the way Stuxnet does. You just have to know how to copy parts of it. After that, you just need a little more knowledge to make a simple but effective digital dirty bomb.”

He goes on to explain that cyber attacks on systems that control “facilities like power, water and chemical facilities that process poisonous gases could lead to mass casualties.”

Given the methods of attack and inherent vulnerabilities found within the digital system… that makes for a target-rich environment.

Targets could include defense networks, the energy sector, emergency preparedness systems, financial services, telecommunications, or even the agricultural sector.

In a coordinated cyber attack, no buildings would actually have to fall to weaken the victims militarily, economically, or politically. In short, it would be war by other means.

As a result, the federal government is scrambling to shore up the defenses against “a digital Pearl Harbor.”

The New Defense Giants

A report released in December by Input predicts federal investment in cyber security will reach $13.3 billion by 2015, up from $8.6 billion in 2010. That’s a compound annual growth rate of 9.1% — nearly twice the rate of other government IT spending.

As I discussed a few weeks ago, that’s going to mean big business for firms like SAIC Inc. (NYSE: SAI).

But let’s face it: SAIC is just going to be one of many winners as this new battlefield takes shape.

In fact, I believe numerous technology companies are on the verge of becoming like the defense giants of old when it comes to protecting our shores…

For investors, this translates to a trend that will put them at the forefront of a long, bullish ride into the future of warfare.

Later this month, I’ll be releasing a new report in which I identify one of the biggest winners in this new arena. Stay tuned.

Your bargain-hunting analyst,

steve sig

Steve Christ
Editor, Wealth Daily

Angel Publishing Investor Club Discord - Chat Now

Brian Hicks Premium