Los piratas inform\u00e1ticos amenazan los complejos sistemas de infraestructura cr\u00edtica (que incluyen energ\u00eda, finanzas, alimentaci\u00f3n y agricultura, atenci\u00f3n m\u00e9dica, servicios municipales, transporte, agua y muchos m\u00e1s) son vulnerables, y no solo para los actores estatales. Incluso peque\u00f1os grupos de delincuentes han dejado a miles de personas sin electricidad, cortaron las comunicaciones de los socorristas.<\/p>\n
On Jan. 31, FBI Director Christopher Wray\u00a0testified<\/a>\u00a0before Congress, explaining how Chinese government hackers were trying \u201cto find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous.\u201d<\/p>\n These hackers, Wray continued, \u201care positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.\u201d<\/p>\n Wray’s testimony offered a glimpse into the frightening possibilities attacks on U.S. critical infrastructure might unleash. But the truth is actually scarier: The American homeland has been under attack for the past two decades, with little in the way of meaningful response.<\/p>\n Policymakers must, then, begin to strengthen private sector and local preparedness for these ongoing attacks, as well as developing and resourcing the federal interagency for complex emergencies, with an emphasis on societal resilience.<\/p>\n As early as\u00a02009<\/a>, Chinese and Russian hackers infiltrated America’s electrical grid, installing malware that could be used for future attacks. One year later,\u00a0Russia<\/a>\u00a0hacked the NASDAQ stock exchange and not only attempted to steal data but left behind what experts described as a \u201cdigital bomb\u201d that could, when detonated, damage financial networks.<\/p>\n In 2013, disaster was narrowly averted after Iranian hackers\u00a0infiltrated<\/a>\u00a0the control systems of the Bowman Avenue Dam in New York and nearly flooded a small town.<\/p>\n A\u00a02017<\/a>\u00a0hack of the Wolf Creek nuclear power plant in Kansas was later revealed to be the work of Russian hackers, as was a\u00a02022<\/a>\u00a0attack on an international food company, which temporarily closed all of its meatpacking plants in the United States.<\/p>\n China reportedly breached and surveilled the networks of the New York City\u00a0subway<\/a>\u00a0system in 2021. Just this past May,\u00a0Microsoft<\/a>\u00a0reported that the China-backed hacker network\u00a0Volt Typhoon<\/a>\u00a0compromised its IT systems to access critical infrastructure on Guam.<\/p>\n These complex systems of critical infrastructure\u2014which include energy, finance, food and agriculture, healthcare, municipal services, transportation, water and many\u00a0more<\/a>\u2014are vulnerable, and not just to state actors. Even small groups of criminals have left thousands without\u00a0electricity<\/a>, cut off\u00a0responders’<\/a>\u00a0communications in major cities and prevented patients from receiving care at\u00a0hospitals<\/a>.<\/p>\n These known threats to civilian critical infrastructure are made worse because our national defense is\u00a0dependent upon<\/a>\u00a0some of these very same systems. For example, the ability of the U.S. military to deploy forces overseas depends upon the civilian\u00a0maritime<\/a>\u00a0industry,\u00a0airlines<\/a>,\u00a0ports<\/a>\u00a0and\u00a0railroads (PDF<\/abbr>)<\/a>\u2014all of which have been disrupted by cyberattacks from various bad actors within the past 10 years.<\/p>\n In 2014, the Senate Armed Services Committee\u00a0reported<\/a>\u00a0that Chinese hackers repeatedly breached the networks of U.S. Transportation Command’s civilian contractors, upon whom the military would rely for logistical support in the event of war. As Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Agency,\u00a0warned<\/a>\u00a0last year, a foreign adversary could choose to target U.S. infrastructure to gain an advantage in a military conflict.<\/p>\n Given these known threats to the U.S. homeland, policymakers from the national to the local level must act now to better prepare their communities for the impacts of critical infrastructure attacks.<\/p>\n Among the first things policymakers can do is improve collaboration, as most critical infrastructure is owned by the private sector and overseen by local governments. Local officials and private companies should work to improve the security of both the physical facilities they manage, as well as their networks. Both groups should also plan for emergencies collaboratively, perhaps incorporating training and exercises with first responders as well.<\/p>\n National decisionmakers should also better evaluate different federal agencies’ ability to manage multiple crises at once. The challenges of the\u00a0COVID-19<\/a>\u00a0pandemic could serve as useful starting points for developing, posturing and resourcing federal departments and agencies to respond to widespread disasters created by attacks on critical infrastructure.<\/p>\n The final piece of preparedness does not come from policymakers, but from the rest of us, as societal resilience is critical to not making the bad effects of critical infrastructure attacks much worse. In 2021, when a ransomware attack shut down the Colonial Pipeline, gasoline shortages were caused not by the direct disruption to supply, but by widespread\u00a0panic buying<\/a>.<\/p>\n Leaders at the local level should therefore engage their communities in preparedness planning. At the national level, leaders should be cognizant of our current state of political polarization. As in any attack meant to sow disruption and division, we do our enemies’ work for them when we panic.<\/p>\n Instead, we may do well to remember the lessons of the last major attack on the U.S. homeland. On Sept. 11, 2001, there was little room for vitriol and prejudice. Instead, if we act with the understanding that the homeland is already under attack, everyday Americans may realize that they are their neighbors’ best hope for safety and security.<\/p>\n