The upcoming Netflix show Zero Day has created quite a stir with its portrayal of a catastrophic cyberattack on the United States, resulting in massive infrastructural damage and numerous casualties. The depiction of such a disastrous event raises the question: Could this happen in real life?
Ilia Sotnikov, a Security Strategist at Netwrix, sheds light on why viewers can enjoy the series while those responsible for national critical infrastructure must continue their efforts to prevent such a prolonged nationwide cybersecurity disaster from becoming a reality.
In recent years, several nations worldwide have experienced cyberattacks on their critical infrastructure. From ransomware attacks like the one on Colonial Pipeline to state-sponsored APT groups targeting government agencies and telecom providers, the threat landscape is evolving. However, a devastating cyberattack similar to the one portrayed in Zero Day is considered unrealistic in today’s world, for three key reasons:
1. Increasing security oversight for critical infrastructure: Governments globally have implemented strict regulations and provide resources to assist critical infrastructure organizations like power plants, transportation networks, and healthcare providers in maintaining cybersecurity. The Cybersecurity and Infrastructure Security Agency (CISA) in the US plays a crucial role in facilitating cybersecurity oversight and coordination efforts across sectors, significantly reducing the probability of a successful attack on multiple critical systems simultaneously.
2. Operational and technical complexity: Coordinating an attack on an entire nation’s critical infrastructure poses significant technical and operational challenges. Adversaries would need to establish persistence across diverse environments, understand their operations, and strategically target systems for maximum impact. Executing such a sophisticated operation, which requires high-level access and prolonged presence without detection, is akin to a military-grade mission, beyond the capabilities of most cyber threat actors.
3. Global monitoring and diplomacy: While intelligence services gather information on other nation-states for strategic purposes, launching a cyber operation against civilian infrastructure is a different proposition. Any such incursion, even for preparatory purposes, would have severe diplomatic consequences, akin to an act of war. The high stakes involved make it unlikely for any nation-state to engage in such an attack, knowing the repercussions it would invite.
While the risk of a coordinated cyberattack on critical infrastructure remains low, the severity of its potential impact necessitates proactive risk management measures. Despite the unlikelihood of a doomsday cyber event, organizations and governments must remain vigilant and prepared. The collaborative efforts of governments, intelligence agencies, and critical infrastructure entities are crucial in mitigating this risk and ensuring the resilience of critical systems.
In conclusion, while cyberattacks have disrupted critical infrastructure on a limited scale in recent years, the probability of a catastrophic event like the one depicted in Zero Day is minimal. Viewers can enjoy the show knowing that the reality of such a devastating cyberattack is far removed from current cybersecurity measures and global diplomatic norms.