A severe storm takes down the largest gasoline pipeline in the U.S., stretching from Texas all the way to New York. As nearly 17,000 gas stations run out of fuel, frantic Americans turn pit stops into parking lots, desperately trying to fill their tanks before another empty pump is cordoned off.

This scenario mirrors situations where infrastructure struggles against extreme weather. However, this particular storm arrived without rain or wind; it was Russian hackers who incapacitated the Colonial Gas Pipeline.

The 2021 attack on the Colonial Pipeline, which impacted almost half of the fuel supply on the East Coast, served as an early warning, according to U.S. cybersecurity experts who fear that foreign nations and groups operating with their support are ready to disrupt the American economic system, especially in times of conflict.

“It’s chaotic,” stated Colin P. Clarke, director of research at the Soufan Group, a global intelligence agency. “There is a continuous stream of various hacking attempts, aggressive cyber operations, and more, targeting both the public and private sectors.”

This year, hackers from China have breached telecom giants Verizon and AT&T along with other companies, suspected of wanting to gather intelligence on how these firms assist authorities in tracking down criminals.

“Foreign threats, such as those from communist China, are actively attempting to destabilize our nation through advanced cyberattacks,” remarked Rep. Bob Latta R-Ohio, chair of the House Subcommittee on Communications and Technology.

Recently, there has been a consistent wave of significant cyber attacks. While most of these have only caused small issues, experts note that the attempts are becoming more bold.

While hacking has been an issue since the early days of the internet, cybersecurity battles have now become a front in modern warfare, said Clarke. “It’s just another battlefield; we have air, land, sea, space, and now cyber.”

And the cyber battleground is becoming more intense.

As conflicts escalate in areas like the Middle East and Ukraine, cyber attacks targeting essential infrastructure have surged, noted Courtney Adante, president of security risk advisory at Teneo.

“The potential for attacks on water systems, dams, bridges, and energy supplies is a serious threat, one that demands greater public attention,” warned Adante.

A Continuous Game of Cyber Threats

This month, a cyber campaign by a group of Chinese hackers known as “Salt Typhoon,” which targeted major U.S. telecom companies, has stirred concern on Capitol Hill.

First reported by the Wall Street Journal, this breach allegedly affected Verizon, AT&T, and other telecoms, though further details are yet to be revealed.

In response, leaders from the House Energy and Commerce Committee warned these companies that “the integrity of your networks is crucial.”

“It’s essential to enhance cybersecurity measures to safeguard American data from increasingly advanced threats,” they emphasized, “particularly from foreign adversaries.”

U.S. officials informed The Washington Post that they suspect state-sponsored actors are investigating how telecommunications work with law enforcement to monitor and track foreign targets, particularly Chinese agents.

The Department of Homeland Security did not provide a comment.

Like many recent hacking incidents, the Salt Typhoon breach appears to have been mitigated without causing significant disruption for consumers. However, experts warn that the immediate goal is often not to create chaos.

Instead, the main strategy in cyber warfare is to scout an enemy’s system to create disorder when necessary, explained Craig Shue, chair of the computer science department at Worcester Polytechnic Institute.

Such probing attacks, of which there are thousands each year, are essentially reconnaissance missions, searching for flaws to exploit when the opportunity arises, according to Shue.

According to Shue, “attackers integrate themselves into the networks they target for extended durations.” He further explained, “They conduct reconnaissance to understand the usual behavior of the network.”

When hackers perceive that their concealment has been compromised, or if they anticipate being detected, they often withdraw. Shue noted, “If they sense that defenders are onto them, they decide it’s time to forgo subtlety and start their attack to create chaos.”

While most cyberattacks go unnoticed, the 2021 Colonial Pipeline incident highlights the significant damage that cyber attackers can inflict.

In this case, Russian hackers prompted Colonial Pipeline to halt operations across 5,500 miles of pipeline, which serves 50 million people, for five days. This resulted in fuel shortages at 16,200 gas stations along the East Coast and caused widespread public distress, ultimately leading the company to pay a $5 million ransom to restore access to their systems.

Clarke and other experts mentioned that for every hacking incident that is uncovered and publicly discussed, many more remain hidden. Clarke emphasized that the intention behind these efforts is not merely to disrupt Americans’ daily lives, but potentially to play a larger role in future conflicts.

This situation represents an ongoing standoff between foreign hackers and those responsible for combating such threats.

The question remains: who is actually prevailing?

Is America ready for a severe cyberattack?

Experts suggest that the state of cyber warfare between the U.S. and its adversaries resembles the “Mutually Assured Destruction” doctrine established between the U.S. and the Soviet Union in the 1980s concerning nuclear weapons. Clarke pointed out that each side can communicate, “We can make life quite uncomfortable for your population if you proceed with this.”

According to Jim Lewis, director of the Strategic Technologies Program at the Center for Strategic and International Studies, just as foreign nations have cyber infiltrators within America’s essential infrastructure, the U.S. has not been passive either.

“There’s a common belief among the Chinese and Russians that we are actively engaged in this as well,” Lewis said. “Whether that’s true or not is irrelevant because they suspect we are.”

Indeed, the U.S. appears to conduct its own cyber operations. For instance, over a decade after fugitive whistleblower Edward Snowden accused the National Security Agency of hacking the servers of the Chinese telecom giant Huawei, Beijing formally acknowledged this intrusion last year.

Though Chinese cyberattacks have been notably aggressive, Lewis remarked that due to their nature, such attacks are not recognized as explicit acts of war.

“The distinction is becoming increasingly unclear. For example, if I planted sea mines in San Francisco’s harbor, it wouldn’t result in an explosion immediately, but everyone would see it as a hostile act,” Lewis noted. “This is akin to the cyber version of laying mines in an enemy’s harbor.”

Recent attacks on essential services such as American Water Works and other telecommunications companies indicate a worrying trend.

American Water was attacked in early October, as noted in a Securities and Exchange Commission filing. This breach forced the utility to pause billing for millions of clients, prompting a warning from the Environmental Protection Agency. Fortunately, water delivery systems remained unaffected.

“Cyberattacks pose one of the most serious threats to our nation’s water and wastewater utilities as well as to various important sectors including communities, businesses, and hospitals,” stated EPA spokesperson Dominique Joseph following the American Water breach.

An EPA evaluation this year revealed that 70% of U.S. water utilities are susceptible to cyberattacks.

Currently, officials have not determined the culprits behind the American Water incident. This assault reflects a rising trend where foreign hackers increasingly target private, rather than governmental, entities.

According to security risk consultant Adante, around 89% of critical infrastructure in the U.S. is under private enterprise control.

“Why is this issue not being discussed more widely?” Adante expressed concern. “My worry lies with an infrastructure attack—targeting power grids and water systems—where human lives could be endangered.”