Here are the 'cyber 9/11' scenarios that really worry the experts

Bricking every intel cpu,Using a likely 0 day in JunOS and ASR routers to make them all inoperable for a few days,similar wipe outs of cloud provider infrastructure come to mind.<p>But if I was the well resourced attacker I would use multiple teams and target a diverse variety of important services and infrastructure and coordinate an phased long term(weeks) attack. I would not cripple the internet as a whole,especially social media. In battle,hiding your location and intent is crucial to victory.<p>Social media would play a critical role in sowing confusion amidst the chaos. Isolate part of the country and spread a message that some internal political group (antifa or alt-right for example) launched a physical WMD attack,use access to fortune 500 company networks to send emails and other communication indicating internal collapse of the companies,one corp is going bankrupt,another has been lying about profits is under SEC investigation. Chaos after chaos. The goal of a &quot;cyber 9&#x2F;11&quot; would not be to cripple the internet but (imho)rather to exploit it to acheive three independent goals:<p>1) Long term (multi?)National and Economical instability and possibly collapse.<p>2) Make the internet as it stands today a mortal threat to society.<p>3) As a precursor to a physical invasion. The kinetic attack would be only of the many rumors and reports being circulated. Any and all damage to your enemy&#x27;s communications brings you one step closer to victory with minimal effort.<p>More on goal #2: The goal of 9&#x2F;11 was not to kill some americans. The goal was to destabilize the west by attacking important symbols of economic and political prosperity. It worked,economy was only momentarily destabilized but 17 years later america and the west are grappling to keep their democracies and basic freedoms. The goal of terrorism is to terrorize not to merely kill(which is why mass shooters are not labeled terrorists,their intent is murder not change through terror). A Cyber 9&#x2F;11 would have similar goals where the intent is to change and cause long term weakening of the adversary.<p>What makes the internet strong is not BGP,DNS and secure operating systems. It&#x27;s the fact that people trust it for reliable and resilient communication and governments view it as a strength to their political and economical stability as opposed to a dangerous liability. The goal of terrorism is to change your beliefs so that fear resulting from the attack changes your policy and principles.

I think prior to cyber 9&#x2F;11 we&#x27;re more likely to see actors executing attacks for financial gain. i.e. for competitive advantage or market manipulation.<p>&gt; A hacker took over the Twitter account of the Associated Press in 2013, tweeting &quot;Breaking: Two Explosions in the White House and Barack Obama is injured.&quot; The stock market instantly fell 143 points.<p>Regardless, our best defense is diversification&#x2F;decentralization - which goes against normal economic development (mergers and centralization). But as the risk increases (more attacks) - then the balance will shift to support diversification (well I hope).

Well - and all they really needed was facebook... a mad reality tv star, and a mass of uneducated americans...

A cyber 9&#x2F;11 would be the prelude to a shooting war if committed by a nation state. 9&#x2F;11 was not conducted by a nation state.

When a foreign adversarial state launches &#x27;cyber 9&#x2F;11&#x27; it would imply a few things:<p>1) The offending country is willing to escalate&#x2F;desires to provoke skirmishes that may lead to major battles with or without conventional military.<p>2) The offending country is so desperate, the only way to reboot their economy is to start a losing battle so it can be rebuilt.<p>3) the economy of the offending country is so skewed at the top of the leadership, they are willing to thin the herd using foreign intervention, and build up a zealous supporter base who is out for blood for vengeance.<p>TLDR: The adversarial state will launch a &#x27;cyber nuclear&#x27; attack when it thinks is fully ready to take the brunt of 12 American carrier groups armed with manned and unmanned stealth fighters.

The cyber 9&#x2F;11 will be done by rogue AWS employees who are part of a sleeper cell at Amazon.

Some sustained attack against a core function worries me. DNS, BGP, etc.

A nation won’t play this hand without expecting to back it up with standard military options. So when things get to that point it should come as no surprise.

Remotely rooting automobiles during rush hour to accelerate.<p>Several models now stupidly designed with media systems on same wire where it is physically possible.

Question: do HN-ers think that Russia and &#x2F;or China have the capability of, say, shutting down our grid or water supplies? The army would have to restore order <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;New_York_City_blackout_of_1977#Effects" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;New_York_City_blackout_of_1977...</a><p>I think they do, but we can return the favor.

it&#x27;s very telling how everyone here is making the same mistakes USA intelligence made on 911 itself.<p>911 was some internal actors, sponsored by some CIA trained warlord who they forgot from 20 years before, but they could only see attacks coming from big nation states.<p>Here the comments are making the same mistake. cyber 911 can be something like a random operative who was given some covert training and now focus it on the coutry who trained them. instead everyone can only see full blown world war from well organized and funded nation states.<p>my guess: the (israeli?) company the US outsourced scada atacks on iran (stuxnet) will start selling the same tech (which most US facilities are still vulnerable to) other actors, such as north korea or syrians who felt betrayed with the US constant side-changing.

It&#x27;s only a matter of time before foreign hackers have the power to turn off the United State&#x27;s electrical grid. Look how Russia did it in Ukraine.

I think a cyber 9&#x2F;11 is just about the only thing that&#x27;ll make us get our shit together in this industry. Hopefully it happens before cyber WWI.

Hacking some financial system or industrial control isn&#x27;t really the big threat demanded of &#x27;cyber warfare&#x27; that is just sensible information security, building systems to best practice, reviewing them and updating as per normal.<p>The real danger is an idea that gets all too popular.<p>For instance, the could be a new climate change type of group that comes along and gets too much mindshare. In fact there was a new group who closed five of London&#x27;s bridges the other day. I doubt that they will be the group from which big ideas emanate from to take over the world but you never know.<p>So the case can be made for all of this extra spending on the basis that it is all there to do things that sound sensible - &#x27;Internet Security&#x27; - but there is capability being built for the more nefarious &#x27;cyber warfare&#x27;, making sure ideas that threaten business as usual get taken out.