Today, Coleman cites a number of estimated Hezbollah capabilities:
Equipment: Hezbollah possesses up-to-date information technologies -- broadband wireless networks and computers.Cyber Capabilities: Global Rating in Cyber Capabilities -- Tied at Number 37 Hezbollah has been able to engage in fiber optic cable tapping, enabling data interception and the hijacking of Internet and communication connections.
Cyber Warfare Budget: $935,000 USD
Offensive Cyber Capabilities: 3.1 (1 = Low, 3 = Moderate and 5 = Significant)
Cyber Weapons Rating: Basic -- but developing intermediate capabilities
The post goes on:
Using new hacking techniques, taking advantage of security vulnerabilities, and using simple, proven cyberattack methods, terrorists have the capability to attack us in ways not seen before. Key infrastructure systems that include utilities, banking, media/TV systems, telecommunications, and air traffic control systems have already been compromised. No one knows if cyber terrorists created trap doors and left logic bombs allowing them to easily bypass security systems and disrupt our critical infrastructure in coordination with traditional style attacks.
The notion that cyberterrorists have created trap doors, or left logic bombs behind in previous attacks, strikes me as a bit far-fetched. It's possible, and the recent alarm from the FBI about counterfeit Cisco routers is cause for concern. But IT systems change fairly quickly, and the utility of such digital plants wouldn't have a long shelf life, and couldn't be guaranteed to work when needed. I'm not sure what the "new" hacking techniques would be.
However, there's no doubt in my mind that cyberattacks against Western interests are going to supplement traditional warfare. They'll be used to attempt to disrupt financial networks, emergency responders, power, and other fundamental aspects of society.
The good news is that there's no secret nation-state or terrorist attack kit. I'm not aware of any super-duper denial-of-service attack capabilities that have yet to be unleashed. These attacks, if they happen at all, will most likely resemble the attacks against unpatched systems, or social engineering a user to somehow provide access. The odds of sustaining such an attack are in your favor, if you build a resilient architecture, with good security, risk management, and business-continuity procedures in place. In fact, any such attacks should be far less disruptive than the possible hacks, hurricanes, tornadoes, fires, or any other natural disaster you're already planning for.
The takeaway: If you're prepared for a sizable natural disaster, and already hardening your systems, you're as covered as you can be.