The assassination of Franz Ferdinand, the archduke of Austria-Hungary, at the hands of a Serbian nationalist, lit a fuse that ignited World War I, a catastrophe that slaughtered 17 million people and re-ordered global politics.
Could Russian interference in the 2016 U.S. presidential race, ordered by President Vladimir Putin, similarly touch off an all-out cyber world war? That's not an idle question. It is a scenario that, more so than ever before, is being seriously discussed and debated in the global intelligence and cybersecurity communities.
Adding urgency is a report issued on Dec. 31 by the U.S. Department of Homeland Security summarizing how a Russian intelligence services operation, dubbed "Grizzly Steppe," has been responsible for attacks against U.S. government agencies, utilities, universities, political organizations and private companies.
Here's what you should know about how a cyber world war sets up - and might play out.
Grizzly Steppe's scope
On Feb. 10, DHS released technical details about Grizzly Steppe so that the targeted organizations would be better able to gird their networks. Russian hackers often start with spearphishing campaigns; they masquerade as known, respected or feared third parties or hide behind false personas in order to trick targeted employees into offering up their passwords on spoofed websites.
The operatives thereby gain a valid username and password. This privileged access enables them to move freely through a business network and stealthily install malicious files in tactical locations. The end game: establish a "presence and persistence on a target network, obtain higher-level privileges, and exfiltrate information," DHS says.
In cyber combat, the line between a nation-state-backed cyber spy and a garden-variety criminal gets blurry. An analysis of DHS's report by TruSTAR Technology shows the Grizzly Steppe operatives relied on much the same tactics, techniques and procedures, or TTPs, as the Carbanak gang, a Russian ring infamously known for hijacking an estimated $1 billion from more than 100 financial institutions in a string of daring capers worthy of a Hollywood thriller.
TruSTAR's CEO Paul Kurtz makes the point that the Grizzly Steppe operatives might be borrowing infrastructure from the Carbanak gang "to mask themselves or out of laziness." Or it could be that members of the Carbanak crew lead a double life: secret agents by day, hackers by night, Kurtz observes.
Japan attacked Pearl Harbor on Dec. 7, 1941, to distract and delay the U.S. from interfering with its expansion in Asia for as long as possible. Similarly, an all-out cyberattack against the U.S. is likely to focus on taking down critical infrastructure and crippling banking systems -- to buy time, says Dr. Kenneth Geers, senior research scientist at Comodo. The aggressor would likely follow up with cyber strikes aimed at disrupting the ability of U.S. armed forces to use the Internet to communicate and deploy weapons, he says.
U.S. cyber might
"I fear we have awakened a sleeping giant and filled him with a terrible resolve." So uttered Japanese Admiral Isoroku Yamamoto in 1941, following Japan's destruction of much of the U.S. Pacific fleet. In fact, the U.S. today is well positioned to withstand and recover quickly from any all-out cyberattack, Geers says.
And then, just as it was at the start of WWII, it would be bad news for the aggressor, whether it be Russia, China, Iran or North Korea. That's because the U.S. currently has far greater Internet connectivity, not to mention cyber warfare know-how, than all of those nations combined. The superior cyber resources of the U.S. and its allies could be brought to bear in a devastating counterattack, says Geers, who has studied these scenarios closely as a founding member and current ambassador of NATO's Cooperative Cyber Defence Centre of Excellence.
Citizen cyber soldiers
The U.S. and its allies also have a secret weapon: hundreds of millions of smartphone-wielding, social-media-connected, like-minded citizens who would be highly motivated to help repel any invaders. We initially witnessed the rapid scalability and raw power of citizen protests in the Arab Spring uprisings of 2010, which resulted in the upheaval of several autocracies.
And let's not forget the global women's rights marches, spurred by Donald Trump's inauguration, followed by the spontaneous airport protests of the President's incendiary immigration ban. Those were glimpses of how social media and mobile device communications could rally and direct citizen power against an attacking force.