It is the top cybersecurity question of our time: whether Russia in its current conflict with Ukraine can use a cyberattack to flip the switch and make Huntsville — or any American city — go dark.
Huntsville is a national defense-oriented city flanked by Redstone Arsenal. It has intense research and development, logistics and supply, intelligence, and law enforcement activity ongoing.
Dr. Tommy Morris, interim chair of the Department of Electrical and Computer Engineering, and director of the Center for Cybersecurity Research and Education at the University of Alabama in Huntsville (UAH), said, “This makes Redstone Arsenal, businesses in the area, and even our home networks high-value targets. Our home networks are targets because our family members work at Redstone or at local companies involved in the high-value target areas.”
Since the Cold War, Huntsville has been one of Moscow’s top nuclear warfare targets and likely still is. Russia has the power to cyberattack, but is it possible Huntsville is a Russian target?
“It is possible,” said a local expert who has been tracking Russia’s cyberattacks against Ukraine. “But not probable.”
Surprisingly, Ukraine has bounced back from the worst Russian cyberattacks over the past few days, but Ukrainians are not as dependent on the internet as Americans.
But the real problem may not be the Russian government. It may be hackers, affiliated or not with Vladimir Putin.
“Russia attacking U.S. critical infrastructure in a way that affects our society seems unlikely,” said Morris. “Hackers on the other hand, can make the lights go off.”
Hackers have numerous methods of attack including exploiting vulnerable systems like electronic money and transfers.
Morris points out, “Since many of the recent sanctions are financial in nature, Russia and their proxies could attempt to steal money by attacking these financial transfer systems.”
Small businesses and individuals should beware Ransomware attacks.
“Criminals run ransomware operations to encrypt any computer’s data they can find,” explained Dr. Morris. “They charge ransom to give you your data back. Sometimes they have no intention of giving your data back.”
Such attacks are disruptive at a minimum, but growing attacks on cryptocurrencies like Bitcoin, Ethereum, Dogecoin and digital wallets used to store cryptocurrency are equally vulnerable.
“If you are dabbling in cryptocurrency, be careful,” Dr. Morris said. “This theft is extremely hard to trace and there are no protections such as you might get from a credit card company or from the Federal Deposit Insurance Corporation for a bank account.”
A lot of work and money has been directed at defending critical U.S. infrastructure from any cyberattack, but a shortage of cybersecurity professionals leaves many systems vulnerable to attack even when there is a way to defend them.
“They (Russia) don’t necessarily want to take out our critical infrastructure now,” Dr. Morris said. “But, if we go to war or if they want to send us a message, they want to be able to attack later.”
Don’t miss out! Subscribe to our email newsletter to have all our smart stories delivered to your inbox.