Since Friday, according to Pensacola, Florida officials, the small northern Florida town has been crippled by a systemic cyberattack. This comes in the wake of an actual terror attack at the Pensacola Naval Air Station one day earlier.
The perpetrators of the cyberattack are unknown, and it has yet to be confirmed that this malicious attack has anything to do with the shootings at the Naval Air Station that left three U.S. sailors dead. Thankfully, the ongoing cyberattack has not debilitated the most important city functions, such as 911 emergency operations. Yet, many other aspects of the city’s government have been taken offline either as a result of the cyberattack or in response to the attack.
The fact that these attacks occurred in the same city the day after a deadly terrorist attack has prompted many to speculate that the events are linked. As it happens, however, Pensacola is but the latest in a long line of small-to-medium-sized Florida cities that have endured cyberattacks this year.
Ocala and Naples, for example, were subjected to a grievous business email compromise attack which resulted in several hundreds of thousands of dollars being removed from their proper place and put into the coffers of faceless hackers.
The Pensacola Naval Air Station Plot
Fact is, the terrorist attack on the Pensacola Naval Air Station did not happen in a vacuum. The attacker, young Saudi Royal Air Force 2nd Lt. Mohammed Saeed Alshamrani, was on official assignment to train with the U.S. Navy so he could return to Saudi Arabia and help to defend his country from neighboring Iran and from the terrorist scourge threatening them. But Alshamrani appears to have been converted into the cult of Sunni Islamic terrorism (which calls Saudi Arabia home) some time before his arrival in the United States.
What’s more, Alshamrani was not acting alone.
The night before his dastardly attack, the young Saudi Royal Air Force officer hosted a “dinner party” for 10 fellow Saudi military officers who had also been assigned to Pensacola. The dinner allegedly consisted of the Saudis watching Islamist propaganda and videos of mass shootings.
The next morning, Alshamrani reported for duty at the Naval Air Station as though everything was normal. Once inside the base, though, he began shooting at U.S. military personnel with a firearm that he reportedly purchased legally five months before the attacks. Outside, according to news reports, at least one fellow Saudi “followed and filmed” the attack while “several other Saudis waited and observed the attack from a car.”
The FBI insists Alshamrani’s fellow Saudi military officers assigned are fully cooperating with their investigation, they have been ordered to remain on base until further notice. Moreover, 300 Saudi aviation officers currently in the United States have been grounded.
Was the Pensacola base attack a small act of terrorism localized to Pensacola? Or, was it the start of something more?
Gather Ye Cyber Warriors
If the Pensacola attacks were merely a dry run of a much larger series of planned terrorist cyberattacks against critical American infrastructure, drastic action on the part of the federal government needs to be taken now.
The Trump Administration should immediately form an interagency task force dedicated to preventing and intercepting any potential terrorist cyberattack over the next year. An immediate appraisal of the near-term vulnerabilities that somewhat well-trained and experienced hackers, acting to further the goals of a jihadist terror group, might attempt to exploit over the next year is needed.
Already, the National Infrastructure Advisory Council has warned the Trump Administration that the “country isn’t prepared to handle a major cyberattack from a foreign rival.” It’s time for Trump to take his turnaround business instincts and kick into gear the implementation of the reforms recommended by that advisory council (and other cybersecurity experts) and put it into immediate practice.
The United States should also spend the next several months shoring up intelligence-sharing capabilities with its international partners. If the United States were subject to a massive cyberattack (or a continuous wave of terrorist cyberattacks), it must have the ability to shut down affected systems and reallocate those systems to other parts of the world—without losing much in the way of capabilities.
Next, the Trump Administration will have to start worrying about what happens if the U.S. government is unable either to prevent or mitigate a full-blown jihadi cyberattack. The military refers to this phase of crisis management as being to “right of boom.” That is, once the bomb detonates, how does one recover? Just as with America’s satellite constellations, America’s cyber systems are not survivable in their present condition. America’s enemies, from rivals like China to stateless terrorist groups, like ISIS or al Qaeda, know this.
Rather than obfuscate the events in Pensacola, the U.S. government should be loudly declaring that the country is at risk as never before to a jihadist cyberattack. And, it must go on an emergency war footing to defend our vulnerable assets in cyberspace.
Delay is not an option. The warning lights have been flashing for years. These Pensacola attacks highlight the severe level the threat in cyberspace has reached. These events demand that our government move in ways and at speeds that I fear it is incapable of operating, meaning that every American should prepare for the inevitable disaster that is likely to come.
Sadly, although the United States should be more than capable of defending itself in cyberspace, it appears unwilling to do so, which invites attack. If there is, in fact, a dedicated campaign of cyber-terrorism in the works against critical American infrastructure, the next year will be crucial. Even though this remains an unknown, I’d personally prefer our lavishly funded national security state did not rest on their laurels and hope that nothing happens.