Last week Google said its Gmail system had been breached, for the second time, by attackers who appear to be in China. Meanwhile, defense contractors Lockheed Martin and L-3 Communications both admitted they too had been hit by serious cyberattacks. Worse yet, the hackers who infiltrated these companies appear to be the same ones who in March broke into systems at RSA, a world leader in computer security.
Breaking into these places is like breaking into Fort Knox. These jobs aren’t being pulled off by kids fooling around, or even by the criminals who steal credit-card numbers. “You’re looking at nation-state capability actors,” says Herbert Thompson, a computer-security consultant and professor of computer science at Columbia University.
With digital attacks becoming rampant, the computer nerds who work for the good guys to thwart such incursions have become the new Navy SEALs—elite commandos who can carry out sophisticated operations on the battlefield of cyberspace. The enemies they’re battling slip into computer systems to steal information or wreak havoc and then slip out without being detected. The services of these commandos, both to attack and defend, are becoming increasingly vital to top militaries around the world.
China just admitted it has organized a cyber-commando unit called the Blue Army. Officially its role is to defend China’s systems from intruders. Here in the U.S., a new report from the Pentagon warns potential enemies that the U.S. may consider cyberattacks to be acts of war and might retaliate with conventional weapons. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” an unnamed military official told The Wall Street Journal.
Or maybe we’ll zap you with a virus. That’s what happened in Iran, where the Stuxnet worm managed to infiltrate computer systems and mess up the centrifuges used to enrich uranium. Officially, nobody has claimed responsibility for that attack. But fingers have been pointed at Israel and the United States. And why not? Surely if the rest of the world is engaging in cyberwarfare, we must be doing the same. The scariest thing about all of this is that the cyberattacks we hear about probably represent only a fraction of what’s going on. The best attacks, after all, are the ones where the victims never even realize they’ve been breached.