In recent developments, Russian oil facilities have come under a series of drone attacks, marking a significant escalation in asymmetric warfare tactics. These incidents have seen inexpensive drones being used to inflict damage on critical infrastructure, including multi-million-dollar power plants and storage facilities. Notably, a drone attack targeted an oil refinery in the Belgorod region, causing a substantial explosion and fire. Similar attacks have been reported across various locations, underscoring the vulnerability of critical infrastructure to new forms of warfare. This series of events has raised serious concerns about the security of vital assets and the need for comprehensive risk management and preparedness plans.
https://www.reuters.com/world/europe/ukraine-launches-drone-attacks-russia-second-night-row-officials-say-2024-03-13/
https://www.svoboda.org/a/v-belgorodskoy-oblasti-na-neftebaze-proizoshyol-vzryv/32848403.html
https://www.reuters.com/markets/commodities/russian-oil-facilities-hit-by-drone-attacks-fires-2024-01-29/
Understanding the Threat to Critical Infrastructure
Critical infrastructure represents the vital assets essential to a nation's economy, security, and health. The recent drone attacks on Russian oil facilities have highlighted the strategic shift towards employing low-cost, high-impact methods to disrupt these essential services. Reports from reputable sources, such as Reuters and Svoboda, have detailed these attacks, emphasizing the impact on energy supplies and the broader implications for national security and economic stability.
In the Belgorod region, for example, an oil depot was struck by a drone, resulting in a significant explosion and subsequent fire. This incident is part of a larger pattern of attacks targeting energy infrastructure, which not only poses immediate safety and environmental hazards but also threatens to disrupt energy supplies critical to economic activities.
Don’t think this is only a Russian problem. Last year I wrote about an attack on Fort Bragg, NC, that took out a critical substation and compromised the power for tens of thousands of people, as well as the military base, with only a rifle and a few bullets.
Speaking of the USA, in 2022 there were over 100 physical attacks on the power grid alone, which constitutes a massive surge in such attacks.
In the cyber realm, attacks on critical infrastructure are up 140% in the USA, with around 150 attacks in 2022.
Evolving Risks and the Need for Dynamic Risk Management
The shift towards asymmetric warfare, exemplified by the drone attacks on Russian facilities and the rifle attacks at Fort Bragg, as well as many others, necessitates a reevaluation of existing security and risk management practices. Organizations and governmental bodies responsible for critical infrastructure must adapt their strategies to address these emerging threats. This includes:
Conducting Thorough Vulnerability Assessments: Regularly evaluating physical and cyber vulnerabilities to identify potential threats from both internal and external actors.
Implementing Integrated Security Measures: Adopting a multi-layered approach that combines physical security with cyber defense, ensuring the resilience of critical infrastructure against a range of threats.
Enhancing Collaboration and Intelligence Sharing: Strengthening ties with government agencies, industry peers, and international partners to share intelligence, coordinate responses, and disseminate best practices for infrastructure protection.
Crafting Effective Preparedness and Response Strategies
Beyond risk management, it is imperative to have robust preparedness and response plans in place. These plans should outline specific protocols for mitigating the effects of an attack, ensuring a coordinated and efficient response that minimizes damage and expedites recovery. Essential components of such plans include:
Specialized Incident Response Teams: Teams trained to handle specific threat scenarios, capable of quickly mobilizing to address and contain incidents.
Clear Communication Protocols: Strategies for effectively communicating with internal and external stakeholders, including emergency services, to manage the situation and maintain public confidence.
Comprehensive Recovery Plans: Procedures for rapidly restoring operations, including activating backup systems and rerouting critical services to ensure continuity.
Domino Effect
These attacks underscore a broader concern in the realm of national security and infrastructure: the interconnectedness of critical industries and their vulnerability to disruption. A prime example of such interconnectedness can be seen in Denmark, where the train system—a lifeline of national mobility and economic activity—relies heavily on a stable power supply.
The loss of power, whether due to natural disasters, targeted attacks, or infrastructure failures, can trigger a domino effect, severely disrupting not just transportation but also vital services including government operations and even everyday transactions like using credit cards at grocery stores.
This cascading effect highlights the importance of safeguarding critical infrastructure, emphasizing that the resilience of one sector is often inextricably linked to the integrity of others.
Conclusion
The recent surge of attacks on critical infrastructure serves as a stark reminder of how vulnerable these assets are. These incidents not only underscore the strategic shift towards asymmetric warfare but also highlight the urgent need for enhanced security measures, comprehensive risk management, and effective response strategies. As the threat landscape continues to evolve, the protection of critical infrastructure remains a paramount concern, requiring ongoing vigilance, adaptation, and collaboration to safeguard the foundations upon which our society relies.
Training Resources:
For individuals looking for hands-on training that includes all of the above topics, Covert Access Team (covertaccessteam.com) provides training courses focused on physical penetration testing, lockpicking, bypassing techniques, social engineering, and other essential skills.
Covert Access Training - 5-day hands-on course designed to train individuals and groups to become Covert Entry Specialists
Elicitation Toolbox Course - 2-day course that primarily focuses on elicitation and social engineering as critical aspects of Black Teaming
Cyber Bootcamp for Black Teams - 2-day course designed explicitly for physical penetration testers who need vital cyber skills to add to their toolbox.
Private one-on-one Instruction - Book time to get private and personalized instruction on physical penetration testing