The Future of Sab0tage
Was a recent ammunition factory explosion the result of a cyber attack?
On Wednesday, July 3rd, a military ammunition factory in Arkansas experienced an unexpected "energetic incident," causing the death of at least one employee. The explosion was the latest in a long line of ammo factory cataclysms in the United States and Europe.
Military leaders have used sabotage to undermine their adversaries' capacities for millennia, and it is almost certainly being used today in the Ukraine conflict. The question is how. One need only read the Office of Strategic Services' classic Simple Sabotage Field Manual to understand that denigration can happen using a variety of techniques – from creating bureaucratic logjams in complex organizations, to dropping literal beach sand in the gas tanks of adversary vehicles.
But we are in the age of "high-low" combat in Ukraine, where artillery, trenches and mines meet high speed assassination drones, hypersonic missiles, and near-real-time overhead imagery.
So what might sabotage look like in the 21st century?
Since the beginning of the Ukraine-Russia war, there have been at least ten incidents at various ammunition factories on either side of the conflict. The public reports haven't always listed the cause, but some have attributed the attacks to saboteurs and long-range strikes (drones, missiles). As they say, the old ways are the good ways. But just as the Ukraine war has featured a mix of old tactics and new, it is likely that sabotage operations today and in the future will utilize cutting edge technology to achieve these kinds of tactical outcomes.
As the corporate managers of the global defense industrial base continue to chase five nines of uptime, today's mostly analog infrastructure will continue to digitize. And that means new vectors for sabotage. One need only look at the "Predatory Sparrow" cyber attacks against the Iranian steel industry to see that sabotage can happen via digital means as well. And this will only accelerate.
When I oversaw America's cyber posture as the senior National Security Council staffer on the topic from 2017-2021, I had a rule when an incident occurred. Everybody wanted to know "was this cyber?" And instead, I would ask, "what are we going to do TODAY, so that we can answer that question the next time?" The unfortunate reality is that in many industrial environments, from critical infrastructure to cutting edge weapons factories, both physical and digital safeguards are lacking. Building access key-cards and two factor authentication on cloud-hosted email accounts is about as good as one can expect. Start asking about monitoring the networks, systems, and applications touching the manufacturing floor in real-time and people look at you as if you were from another planet.
I'm obviously talking my book here. These trends are the reason why we started @GalvanickCo, and they are accelerating. But regardless of whether companies buy our system or not, digital sabotage of critical industrial processes is here to stay.
We have too many such challenges today with an open invitation for chaos by the Biden administration. Yet we also remain unaware, unprepared, and unarmed for the cognitive war and the unrestricted and asymmetric tactics that accompany it. As we remain stuck in WWI industrial mind set focused on kinetics vice picking up the mantle you left at the NSC and engaging in a well thought out strategic posture and strategy