Global Cyber Attack
HIGH
Overview: The Invisible War
Of every scenario in this handbook, a coordinated global cyber attack is arguably the most likely to actually happen — and in many ways, it already has, just not all at once. Yet.
In 2017, the NotPetya malware — attributed to Russian military intelligence — was launched against Ukrainian tax software. Within hours, it had spread to 64 countries, crippling Maersk (the world’s largest shipping company, 76 ports frozen), Merck pharmaceuticals, FedEx’s European operations, and Cadbury chocolate factories in Australia. Total damages: $10 billion. It remains the most destructive cyberattack in history, and it was aimed at one country’s tax software.
That same year, the WannaCry ransomware hit Britain’s National Health Service so hard that hospitals diverted ambulances, cancelled 19,000 appointments, and reverted to pen-and-paper record-keeping. The attack exploited a single vulnerability that the NSA had discovered and kept secret.
Go back further: in 2010, the Stuxnet worm — a joint U.S.-Israeli operation — physically destroyed roughly 1,000 Iranian nuclear centrifuges by silently manipulating their spin speeds while displaying normal readings to operators. It proved that code could break machines.
In 2020, the SolarWinds hack gave Russian intelligence access to 18,000 organizations including the U.S. Treasury, Department of Homeland Security, and Microsoft — for fourteen months before anyone noticed. In 2021, the Colonial Pipeline ransomware attack shut down fuel delivery to 45% of the U.S. East Coast for six days, triggering panic buying and gas station lines reminiscent of the 1970s oil crisis. The ransom was $4.4 million in Bitcoin. The attackers got in through a single compromised password on an old VPN account.
Now imagine all of these happening simultaneously. A coordinated, multi-vector cyber offensive targeting power grids, financial systems, communications infrastructure, water treatment, transportation logistics, and healthcare networks across multiple nations at once. This isn’t science fiction — it’s the scenario that keeps intelligence agencies up at night and the one that military cyber commands in at least 30 nations actively plan for.
Why Cascading Failure Is the Real Threat
Modern infrastructure isn’t just digital — it’s interdependent. Power grids need communications networks to coordinate load balancing. Communications networks need power. Financial systems need both. Water treatment plants run on SCADA systems connected to the internet. Hospitals depend on electronic records, networked equipment, and just-in-time pharmaceutical supply chains managed by software.
Knock out one pillar and the others wobble. Knock out three simultaneously and you get cascading failure — a domino chain where each falling system takes others with it. The 2003 Northeast Blackout, caused by a software bug in an alarm system at an Ohio power company, left 55 million people without power and cost $6 billion. That was an accident. A deliberate attack would be surgical, simultaneous, and designed to prevent recovery.
Attack Vectors: How It Happens
SCADA/ICS Targeting
Supervisory Control and Data Acquisition (SCADA) systems run power plants, water treatment facilities, oil refineries, and manufacturing. Many were designed in the 1980s and 1990s with zero security considerations — they were never meant to be connected to the internet. Now many are. In 2015 and 2016, Russian hackers attacked Ukraine’s power grid using BlackEnergy and Industroyer malware, cutting power to 230,000 customers in the first attack. The 2016 attack was more sophisticated: it could directly manipulate circuit breakers, and included a wiper component to destroy the utility’s own recovery systems.
Financial System Attacks
In 2016, hackers stole $81 million from Bangladesh’s central bank by exploiting the SWIFT interbank messaging system — the backbone of global finance. They attempted to steal $951 million; only a typo in a transfer request stopped them. A coordinated attack on SWIFT, combined with ransomware hitting major banks’ core systems, could freeze global commerce within hours. No ATMs, no credit cards, no wire transfers, no payroll.
GPS Spoofing
GPS isn’t just for navigation. It provides precise timing signals that synchronize cell towers, stock exchanges, power grid operations, and banking transactions. Spoofing or jamming GPS — which Russia has done repeatedly in the Baltic and Black Sea regions, affecting commercial aviation — could desynchronize critical infrastructure. In 2019, ships in the Black Sea reported GPS placing them at airports 25 miles inland.
Communications Disruption
Undersea cables carry 97% of intercontinental data. There are roughly 550 active cables worldwide, and their landing points are public knowledge. Physical sabotage combined with cyberattacks on satellite communications and cellular infrastructure could isolate entire continents. In 2022 and 2023, multiple undersea cables in European waters were damaged under suspicious circumstances.
Water and Power Grid Infiltration
In February 2021, a hacker accessed the water treatment system in Oldsmar, Florida, and attempted to increase sodium hydroxide (lye) levels to 100 times the normal amount — potentially poisoning the water supply of 15,000 people. An alert operator caught the mouse cursor moving on his screen. In a coordinated attack, there might not be an alert operator watching.
Immediate Effects: The First 24 Hours
When the lights go out — not from a storm, but from a coordinated cyber assault — the cascade happens fast:
Hour 0-1: Power grid sections begin failing. ATMs and point-of-sale systems go dark. Cell towers with 4-8 hour battery backups still function, but network congestion makes calls nearly impossible. Traffic lights fail in major cities. Gas pumps (which need electricity) stop working.
Hour 1-6: Banks cannot process transactions. Digital payment systems — Visa, Mastercard, Apple Pay, Venmo — are offline or compromised. Hospitals switch to backup generators (most have 24-72 hours of fuel). 911 systems, many running on decades-old software, begin failing. GPS-dependent logistics halt: trucks don’t know their routes, automated warehouses freeze, last-mile delivery algorithms crash.
Hour 6-12: Panic buying begins at any store that can still operate on cash. Gas stations with remaining power see lines stretching for miles. Social media goes intermittent, replaced by rumor and confusion. Municipal water systems that depend on electric pumps lose pressure in upper floors of buildings. Refrigeration fails — the clock starts on $200+ billion worth of perishable food in cold chains nationwide.
Hour 12-24: Backup generators at cell towers begin dying. Communication becomes local only. Hospitals face medication shortages as automated pharmacy systems fail and electronic prescriptions become inaccessible. Flights are grounded (FAA systems compromised or simply lacking reliable data). First responders are overwhelmed and increasingly unreachable.
The critical distinction: Unlike a natural disaster, a cyber attack may be invisible at first. Systems might appear to work while delivering wrong data. Your bank balance might read zero — or a million. Water treatment readings might show “safe” while chemical levels drift. Trust in every digital readout evaporates.
First 72 Hours Protocol
Confirm the Situation
Before you act, verify. Is this a local outage or something larger? Check battery-powered AM/FM radio for emergency broadcasts. NOAA Weather Radio (162.400-162.550 MHz) often carries emergency management updates. If your car starts and has gas, the car radio works. Talk to neighbors. If everything digital is down simultaneously — power, cell, internet, card payments — assume the worst and act accordingly.
Immediate Actions (First 6 Hours)
- Fill bathtubs, sinks, and every container with water — municipal pressure may fail within hours if pumping stations lose power
- Withdraw cash immediately if any ATMs still function — withdraw the maximum. $500-$1,000 in small bills ($5s, $10s, $20s) is your lifeline
- Fuel up all vehicles and fill gas cans — pumps will stop working when station backup power dies
- Gather medications — if pharmacies are open, refill anything you can. Electronic prescription systems will be among the first casualties
- Charge every device while you still can — even without internet, phones are flashlights, calculators, cameras, and offline reference libraries
- Document your financial accounts — photograph or write down account numbers, balances, recent transactions. When systems come back, disputes will be rampant
Hours 6-24
- Consolidate food — inventory everything perishable and plan meals to use refrigerator items first, then freezer (a full freezer stays frozen 48 hours unopened), then pantry goods
- Establish neighborhood communication — physically check on elderly and vulnerable neighbors. Designate a meeting point and time (e.g., front yard, every morning at 9 AM)
- Secure your home — if the outage extends and police communications are down, opportunistic crime rises. Lock up, know your exits, bring outdoor valuables inside
- Listen, don’t transmit — conserve battery-powered radio batteries. Tune in at the top of each hour for emergency broadcasts
Hours 24-72
- Ration water — minimum 1 gallon per person per day for drinking; more for sanitation. If municipal water fails, identify backup sources: water heaters hold 30-80 gallons of potable water
- Begin a bartering network — connect with immediate neighbors to share resources: someone has a generator, someone has extra food, someone has medical training
- Protect critical documents — gather IDs, insurance papers, deeds, birth certificates. In a prolonged cyber event, proving your identity becomes genuinely difficult when every database is compromised or offline
- Monitor for disinformation — in the chaos, false information spreads faster than malware. Verify claims through multiple independent sources before acting
Cash & Barter: When Digital Money Dies
The average American carries $67 in cash. The average transaction is $59. Most people couldn’t buy a single tank of gas if every digital payment system failed simultaneously.
Emergency Cash Strategy
- Keep $500-$1,000 in small bills at home in a fireproof safe or hidden location. This isn’t paranoia — it’s insurance
- Coins matter — vending machines, laundromats, and payphones (yes, ~100,000 still exist in the U.S.) run on coins
- Distribute cash — don’t keep it all in one place. Some at home, some in your car, some on your person
When Cash Runs Out: Barter Economy
Within days of a prolonged outage, barter becomes the primary economy. High-value trade goods include:
- Fuel (gasoline, propane, butane) — the universal currency
- Batteries (AA, AAA, D-cell, 9V) — immediately valuable
- Medications (OTC painkillers, antibiotics, antihistamines)
- Water purification (filters, tablets, bleach — 8 drops of unscented 6% bleach per gallon)
- Tobacco and alcohol — historically among the most traded commodities in every crisis
- Ammunition (where legal) — another historical crisis currency
- Hygiene products — toilet paper, soap, feminine products, diapers
- Coffee and salt — morale items that become luxury goods fast
Critical rule: Never reveal the full extent of your supplies when trading. Show only what you’re willing to trade.
Communication Alternatives
When cell towers die and internet vanishes, you need analog fallback.
Ham Radio (Amateur Radio)
The single most important communication tool in a cyber crisis. Ham radio operates independently of all internet and cellular infrastructure.
- Entry level: Baofeng UV-5R ($25-$30), covers 2m and 70cm bands, range 2-15 miles depending on terrain
- Intermediate: Yaesu FT-60R ($150), more durable and reliable
- Base station: Yaesu FT-991A ($1,200), covers HF/VHF/UHF, can reach worldwide on HF bands
- License required: Technician license (entry level) requires passing a 35-question multiple choice exam. Study time: 10-20 hours. Get licensed before you need it
- ARES/RACES networks: Amateur Radio Emergency Service groups exist in nearly every U.S. county and activate during disasters
- Repeaters: Local ham repeaters extend handheld range to 50+ miles. Know your local repeater frequencies in advance
Mesh Networking
- Meshtastic devices ($30-$50) create decentralized text-messaging networks using LoRa radio on 915 MHz (U.S.). Range: 1-10 miles per node, but messages hop between nodes. No license required, no infrastructure needed
- goTenna devices provide similar mesh capability for smartphones via Bluetooth pairing
Low-Tech Communication
- Physical bulletin boards at community gathering points — churches, schools, fire stations
- Shortwave radio for receiving international broadcasts (BBC World Service, VOA maintain shortwave transmitters for exactly this scenario). A Tecsun PL-330 ($60) covers all shortwave bands
- CB Radio — Channel 9 is the universal emergency channel, Channel 19 for general communication. No license required. Range: 3-10 miles
- Signal mirrors, whistles, flags — don’t underestimate visual and audible signals for local communication. Three of anything (blasts, flashes, fires) is the universal distress signal
Power & Utilities: When the Smart Grid Goes Dark
Understanding the Grid’s Vulnerability
The U.S. power grid is actually three separate grids (Eastern, Western, and Texas Interconnections) managed by ~3,000 utilities running a patchwork of modern and legacy systems. Many substations can be manually operated, but the coordination software that balances load across regions is deeply vulnerable. The grid was designed for centralized power generation flowing one direction — the addition of solar, wind, and distributed generation has made it more complex and, in some ways, more fragile.
Backup Power Options
- Portable generators (3,500-7,500W): Run essential appliances for 8-12 hours per tank. Keep 20+ gallons of stabilized fuel on hand. Never run indoors — carbon monoxide kills roughly 80 Americans per year during power outages
- Solar panels + battery (e.g., Jackery 1000 Plus, EcoFlow Delta Pro): 1-3 kWh of silent, fuel-free power. Enough for phones, radios, LED lights, and a small fridge
- Vehicle-to-load (V2L): Many modern EVs and hybrids can power a house. A Ford F-150 Lightning can output 9.6 kW — enough to run an average home for 3 days
- Uninterruptible Power Supplies (UPS): A 1500VA UPS keeps your modem and critical devices running for 30-90 minutes during brief outages — enough to save data and shut down cleanly
Manual Overrides
- Know where your home’s main water shutoff valve is
- Learn to manually open your electric garage door (every automatic opener has a manual release cord)
- If you have a well, know whether it has a hand-pump backup
- Gas fireplaces with standing pilot lights work without electricity. Electric ignition models don’t
- Old-fashioned landline phones (copper POTS lines, not VoIP) draw power from the phone line itself and may work when everything else is down — though these are increasingly rare
Food & Water: Supply Chain Collapse
The Logistics Problem
Modern grocery stores operate on 3-day just-in-time inventory managed entirely by software. Walmart’s supply chain system processes 2.5 million inventory transactions per hour. When that software goes dark, trucks don’t get dispatched, warehouses don’t know what to ship, and stores don’t know what to order. Even if food physically exists in warehouses, the logistics to move it collapse.
Water Security
- Municipal water treatment runs on SCADA systems. If compromised, treatment may fail or — worse — be actively sabotaged
- Store minimum 1 gallon per person per day, 14-day supply (14 gallons per person)
- Purification methods: Boiling (1 minute rolling boil, 3 minutes above 6,500 ft elevation), bleach (8 drops per gallon, wait 30 minutes), commercial filters (Sawyer Squeeze handles 100,000 gallons, costs $30)
- Emergency sources: Water heater tank (drain via bottom valve), toilet tanks (not bowls), rain collection, streams and ponds (always purify)
Food Strategy
- Two-week pantry minimum: Rice, beans, canned goods, peanut butter, oats, honey, powdered milk, cooking oil, salt, multivitamins
- Calorie targets: Minimum 1,200 cal/day survival, 2,000 cal/day for active adults
- Cooking without power: Propane camp stove (with extra fuel canisters), charcoal grill (outdoor only), rocket stove (burns small sticks efficiently), solar oven
- Preserve what you can: When the freezer dies, cook and eat perishable meat immediately. Salt, smoke, or dehydrate what you can’t eat right away
Personal Digital Security
Before the Attack (Do This Now)
- Offline backups of critical data — external hard drive, updated quarterly, stored in a fireproof container. Include: financial records, family photos, important documents, medical records, tax returns
- Print critical information: Emergency contacts, medical info (allergies, medications, blood types for household), insurance policy numbers, bank account numbers, maps of your area
- Password manager with offline access — KeePassXC stores an encrypted database locally. Your cloud-based password manager is useless when the cloud is gone
- Two copies of important documents — one at home, one in a bank safe deposit box or with a trusted family member in a different geographic area
- Air-gapped backup device — a cheap laptop that never connects to the internet, loaded with reference materials: first aid guides, local maps, this handbook
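An offline backup is only useful after an attack if you can show it has not changed since you made it. The sketch below is an added example, not part of the original handbook: it hashes every file on a backup drive into a manifest and reduces that manifest to one fingerprint short enough to write on the printed sheet kept with your paper records. The function names and the sample files in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large backups need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def manifest_fingerprint(manifest):
    """One digest over the sorted manifest, short enough to copy onto paper."""
    h = hashlib.sha256()
    for rel in sorted(manifest):
        h.update(f"{manifest[rel]}  {rel}\n".encode("utf-8"))
    return h.hexdigest()


def verify(root, manifest):
    """Compare the drive's current contents against a trusted manifest."""
    current = build_manifest(root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "added": sorted(set(current) - set(manifest)),
        "modified": sorted(p for p in manifest.keys() & current.keys()
                           if manifest[p] != current[p]),
    }


def demo():
    """Constructed sample: build a small backup tree, then alter it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "tax/2023-return.txt": "constructed sample tax record\n",
            "medical/allergies.txt": "penicillin\n",
            "contacts.txt": "out-of-area contact: 555-0100\n",
        }
        for rel, text in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as f:
                f.write(text)
        trusted = build_manifest(root)            # taken when the backup is made
        before = manifest_fingerprint(trusted)    # this value goes on paper

        # Simulate later changes to the drive: one edit, one deletion, one new file.
        with open(os.path.join(root, "medical/allergies.txt"), "w") as f:
            f.write("none\n")
        os.remove(os.path.join(root, "contacts.txt"))
        with open(os.path.join(root, "notes.txt"), "w") as f:
            f.write("unexpected file\n")
        after = manifest_fingerprint(build_manifest(root))
        return verify(root, trusted), before, after


if __name__ == "__main__":
    print(demo())
```

Keep the manifest file on a different medium from the backup itself; the paper fingerprint lets you confirm the manifest was not altered along with the files.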
During the Attack
- Disconnect from networks — if the attack is ongoing, every connected device is a potential target. Turn off Wi-Fi and Bluetooth
- Don’t plug in unknown USB devices — Stuxnet spread via USB drives. Social engineering attacks spike during crises
- Assume all digital communications are compromised — don’t transmit sensitive information over any electronic channel
- Factory reset compromised devices only if you have offline backups. Otherwise, power them off and isolate them for forensic recovery later
- Watch for phishing — after every major cyber incident, secondary scam campaigns explode. Emails claiming to be from your bank, government agencies, or utilities offering “recovery assistance” are almost certainly attacks
Long-Term Recovery
The Trust Problem
After a major cyber attack, the hardest thing to rebuild isn’t infrastructure — it’s trust. How do you trust your bank balance is correct when the database was compromised? How do you verify your medical records weren’t altered? How do you know the water treatment system is actually reading correctly now?
Recovery from a coordinated cyber attack could take months to years. After NotPetya alone, Maersk needed 10 days to rebuild its entire IT infrastructure — 45,000 PCs, 4,000 servers — from scratch. They found one surviving backup of their Active Directory in a domain controller in Ghana that had been offline during the attack due to a power outage. One copy. In Ghana. By accident.
Community Coordination
- Establish a local emergency council — fire department, medical professionals, ham radio operators, anyone with relevant skills
- Create analog record-keeping — paper ledgers for trades, handwritten community bulletins, physical message boards
- Coordinate security — not vigilantism, but organized neighborhood watches with clear communication chains
- Share skills — someone knows how to purify water, someone can fix generators, someone has medical training. Build a skills inventory of your community
Analog Fallbacks
- Paper maps — when GPS is gone, you need physical maps. USGS topographic maps of your area are free to download and print at home (do it now: store.usgs.gov)
- Analog clocks and watches — when the NTP time servers go dark, digital clocks drift. An analog watch with manual winding is a surprisingly important tool
- Mechanical tools — hand-crank radio, manual can opener, non-electric water filter, hand tools instead of power tools
- Physical books — reference manuals, first aid guides, field guides for edible plants. Your Kindle is a paperweight without power
Rebuilding Digital Trust
- Systems will come back online gradually, with significant government oversight
- Expect mandatory password resets across all services
- Financial institutions will likely freeze accounts during verification
- Keep your paper records — they’ll be essential for disputing errors in restored databases
- Critical infrastructure will be air-gapped and redesigned — this process took years after Stuxnet was discovered
Gear Checklist
Communication ($100-$300)
- Baofeng UV-5R ham radio + extra battery + programming cable ($35)
- AM/FM/Shortwave radio, battery or hand-crank (Kaito KA500, $50)
- Meshtastic LoRa device for text mesh networking ($35)
- FRS/GMRS walkie-talkies, pair ($30)
- Whistle and signal mirror ($10)
Power ($200-$800)
- Portable solar panel, 100W+ foldable ($100-$200)
- Portable power station, 500Wh+ ($200-$500)
- Rechargeable batteries + solar charger, AA/AAA ($30)
- UPS for modem/router, 1500VA ($100)
- Hand-crank USB charger ($20)
Information & Security ($50-$150)
- External hard drive with offline backups ($50)
- Printed documents: contacts, medical info, maps, account numbers
- Faraday bag for electronics ($15-$30)
- USB drive with critical digital files, encrypted ($15)
- Physical paper maps of your region ($10-$20)
- Analog wristwatch, mechanical or solar ($30-$100)
Water ($50-$100)
- 14-day water supply (14 gal/person), stored in food-grade containers
- Sawyer Squeeze or LifeStraw water filter ($20-$35)
- Water purification tablets, 50-pack ($8)
- Unscented household bleach, 6% ($4)
- Collapsible water containers, 5-gallon ($10 each)
Food ($100-$200)
- 14-day food supply per person, shelf-stable
- Propane camp stove + 4 fuel canisters ($40)
- Manual can opener ($5)
- Cast iron skillet ($20)
- Bulk staples: rice, beans, oats, salt, cooking oil, honey
Cash & Trade ($500-$1,000)
- Emergency cash in small bills ($500-$1,000)
- Roll of quarters ($10)
- Barter goods: lighters, batteries, OTC medications, hygiene items
Documents (Priceless)
- Fireproof document safe ($30-$80)
- Copies of all IDs, insurance, financial accounts, property deeds
- Family emergency plan with meeting points and out-of-area contact
- Written inventory of all digital accounts and credentials (stored securely)
The Bottom Line
A global cyber attack isn’t a question of if but when — and how bad. The interconnectedness that makes modern life convenient is the same interconnectedness that makes us fragile. Every system trusts every other system, and that trust can be weaponized.
The good news: unlike an asteroid or supervolcano, a cyber attack doesn’t destroy physical reality. The food still exists. The water still flows downhill. The roads are still there. What breaks is the invisible digital layer we’ve draped over everything — the layer that tells the food where to go, the water how to get treated, and the money how to move.
Your survival strategy is simple in concept: be able to live without that layer. Have cash when digital payments fail. Have a radio when phones die. Have water stored when pumps stop. Have paper records when databases burn. Have analog skills when algorithms crash.
The most dangerous cyber attack isn’t one that breaks your computer. It’s one that breaks your assumption that everything will keep working the way it always has.
Prepare for analog. It might save your life.