As the Daily Telegraph reported 3 days ago, a cyber-attack has targeted the British Energy companies during the General Election Day. Intelligence Services linked the criminal hackers’ organisation to Russian, however, without reporting official evidence of “partnerships” (read here)
In fact, according to the US Agency, this type of attack has been already targeted US power stations and seems to target more precisely nuclear plants. Remember that the Ukrainian energy grid was hacked just before a military offensive several months ago. So no doubt, that this type of attack could be considered as part of the warfare capability of advanced technological countries.”Si vis pacem para bellum”: in our technological society, this type of attack could be only considered as training or rehearsal for new military teams but… as we know, it could also be a means to destabilise the economy of our society.
If the rule of war changed and required an awareness and research effort for Europe to be able to set up reliable countermeasures, a fact should be also underlined : such “training” attack (if they can be considered as such) can also have uncontrolled side effects. And it may be the most dangerous for our society. Even if the target was very clear (as such for the Stuxnet attack), the mechanism to reach the targeted objectives has compromised a large range of industrial sectors (read here).`
What does it mean from a cyber security point of view ? The potential side effects should lead all companies to take the opportunities of such attacks to reassess the security of their own infrastructure, to identify potential flaws in their defence and review the historical data to track risen vulnerabilities in their own infrastructure. If these types of cyber attack have not directly impacted you, it could be dangerous to trust into your lucky star without checking that no-one could use the same mechanism to impact you not now but tomorrow.