An Auburn University professor is voicing concern over the potential dangers that state-sponsored Russian hacking poses to U.S. infrastructure, specifically agriculture and water supplies.
Amidst an abundance of Russian-related political controversy, Bob Norton, chair of the Auburn University Food System Institute’s Food and Water Defense Working Group, urges people to be aware of the real, tangible consequences that cyber warfare could have on everyday people.
Norton’s worries stem from the possibilities that hacking from foreign entities could, in a complex process, harm multiple critical infrastructures due to their interconnectivity. He described critical infrastructures as systems required to make a society survive and flourish, so it would include things like the food, water and electricity systems.
The food and agriculture sector is one of 16 critical infrastructures identified by the Department of Homeland Security.
“What we are concerned about is what are called cascading effects,” Norton said. “Cascading effects are where, for instance, one critical infrastructure is targeted, and then it causes a series of events that some of which may be anticipated and some of which may not, and it starts to affect other critical infrastructures.”
For example, Norton explained how a disturbance in Alabama’s power grid could compromise the $4 billion poultry industry, which is one of the largest industries in Alabama. This would have a devastating effect on the economy as well as people’s livelihood.
“Cascading effect would be where an adversary like Russia would affect the power grid, which could in turn affect the water supply, which could in turn affect agriculture or the poultry industry itself. Or it doesn’t have to go that far a route. It could go directly from the power supply into the poultry industry.”
Sign up for our newsletter
Get The Plainsman straight to your inbox.
Traditionally, agro-terrorism has dealt with inflicting dangerous pathogens on plants or animals that could have a widespread effect, such as the anthrax attacks in 2001. But, Norton said the definition is beginning to expand to include cyber-related attacks on agriculture.
“The whole idea of vigilance is extremely important,” Norton said. “This is not a problem that is just going to go away, so we’re going to be fighting these battles for a very, very long time.”
Norton is a longtime consultant to the U.S. military and federal and state law enforcement agencies. He is also the editor of Bob Norton’s Food Defense Blog.
The Department of Homeland Security, FBI and the United Kingdom’s National Security Center released a joint technical alert in April about malicious cyber activity committed by the Russian government, including threats to residential routers.
An additional technical alert was issued in May, which explained how over 500,000 internet-connected routers in 54 nations had been compromised by Russian activity. It was believed that this information was going to be used against Ukraine, but the intent of the Russians is still somewhat unknown.
“It’s not an unprecedented press release,” Norton said. “Our government has, on occasion, exposed some of these foreign operations that are taking place. But in this particular case, it was the UK and the United States that jointly released this information, and that is quite unusual, and it really speaks to the level of concern.”
Norton added that Russia is not the only country of concern and not necessarily the most substantial. There are four foreign adversaries that the U.S. is concerned about: Russia, China, Iran and North Korea.
Although there are multiple concerns being juggled, Norton said he is currently focusing on Russia because the government is looking to bring more attention to Russia following the press release.
“One, Russia is a highly sophisticated adversary, and two, they are regularly trying to penetrate into the critical infrastructures, and our relationship with Russia is not good,” Norton said. “Therefore, we’re hoping that it is not going to escalate into something that is not akin to something like a Cold War relationship. We just don’t know what the future will bring.”
The level of concern has exponentially increased among businesses, not just by the government, Norton said. He added that at one time, cyber attacks were just considered a cost of doing business, but it is now considered a deep threat.
Because of the increase in concern and aggressive response from the United States, Norton feels that within the next few years, the government will authorize corporations to strike back.
“Cyber security has now become an existential threat,” Norton said. “It’s not the price of doing business anymore. You can have a company destroyed through the cyber realm. If Russia were to decide to take down a company, it could be extremely costly. Corporations are really starting to push back and ask when can they strike.”
Norton addressed the rise in attention in the media and the increasingly hostile remarks from politicians toward Russia. He does not think the government’s approach has drastically shifted, but the openness to which the government approaches the issue has increased.
“In my estimation, it’s better to let the public know that these things are happening and to be very vocal about it, inform the public,” Norton said. ”I think that’s a real positive that we’re seeing in the past couple years.”
Do you like this story? The Plainsman doesn't accept money from tuition or student fees, and we don't charge a subscription fee. But you can donate to support The Plainsman.Support The Plainsman