‘Death Under Computation’ traces how contemporary Russian 'smart weapons' have roots in largely-unknown experiments of Soviet military cybernetic research from the 1950s. The project website (www.machinic.info/computation), is intended to reveal the colonial logic at work in contemporary Russian warfare. Understanding its colonial premise can lead to new ways of resistance. The essay extends into material objects for the exhibition, translating the content of the site into physical holograms and textile diagrams.
What are the biggest dangers of cyber war? What are the chances of cyber warfare?
I'd be cautious to use a word like cyber war, just because it implies that it should be considered separately from regular warfare. However, I don't think it's useful to isolate it like that. Conceptually, it is one domain that states can incorporate into their strategy, whether for espionage and sabotage purposes or to assist ongoing operations during warfare.
In this regard, I'd like to point out an implicit escalatory component. Say you want to develop the capability to target wastewater systems with the intent to cause sewage spills. Attacks like these are not done quickly. First, you need time to prepare and scope out the IT environment in several facilities, which may vary in terms of software and hardware. Then you need to develop the actual framework with modules related to these systems, and undertaking which involves trial and error. In most cases, you would therefore start planning large-scale operations of this kind during peacetime. However, if you get caught, your adversary will have to react. They can either simply try to block you or panic and reciprocate by also stepping up their capabilities and improving their IT-infrastructure. Since the main benefit of cyber espionage and sabotage is that these tools are not on display like tanks and rockets, it is hard to know who is able to do what. Thus, escalatory behavior is always a risk.
Analysts warn that Russia could retaliate against the sanctions by targeting critical infrastructure in the United States and Europe.
How could a disastrous cyber attack play out?
To illustrate possible scenarios, I'll stick to two examples. The first one is the attack that happened in Ukraine in 2016. Hackers – called "Sandworm" – took down a swathe of Kyiv's power grid. If you can take out the power grid, it will have devastating effects within a week or two. Analysis of the incident has shown that the hackers were very sophisticated and tried to shut down the system for months (but ultimately failed to do that). As numerous experts have repeatedly pointed out, shutting down a power grid is hard to do. It requires months of research and testing, and you'd need to have capable people overseeing each step in the process. However, it still remains an option.
Number two: Hackers could target safety systems to render them inoperable. Say you have a refinery and you're processing five million tons of petrochemicals. You have safety systems in place to make sure that the processes you're running are neither a danger to your workers nor to the environment. Hackers called "Xenotime" have targeted these very devices and exploited the software vulnerabilities they were able to find. If only "briefly," the framework they developed managed to shut down a facility in Saudi Arabia. Operations like this are said to be highly-customized, therefore they are not easy to pull off. Nevertheless, the mere existence of such a capability is telling, as it is an indication of how far some groups are willing (or ordered) to go.