Inside a War Game Simulating a Chinese Cyberattack on US Water Utilities
By
Andy Greenberg
Summary
This article reports on a closed-door role-playing simulation (war game) organized by insurers and cybersecurity experts to model a catastrophic cyberattack by China's Volt Typhoon hacker group on 5,000 US water utilities. The simulation, led by former CISA strategist Joshua Corman, revealed a nightmare scenario of burst water mains, evacuated hospitals, and cascading infrastructure failures. The piece explores the vulnerabilities of US water systems, the inadequacy of current insurance and preparedness frameworks, and the geopolitical implications of state-sponsored cyber warfare targeting critical infrastructure.
Source
Key quotes
· 3 pulledIt's around an hour and 10 minutes into the role-playing game I've been invited to observe, a simulated catastrophic cyberattack on US water utilities, when the whole thing begins to feel less like a fun afternoon playing Dungeons & Dragons and more like a plausible threat to civilization.
Joshua Corman, the former Cybersecurity and Infrastructure Security Agency strategist serving as our dungeon master
Burst water mains. Evacuated hospitals. In a closed-door simulation, insurers played out their response to a mass disruption by China's Volt Typhoon hackers—and found a nightmare scenario.
You might also wanna read
How CISA is Helping U.S. Critical Infrastructure Defend Against Iranian Cyber Threats
Cybersecurity Expert Warns of Critical Staffing and Leadership Crisis at CISA Threatening U.S. Infrastructure
A cybersecurity expert with decades of experience warns that CISA (Cybersecurity and Infrastructure Security Agency) is experiencing a sever

From missiles to malware: Why the Gulf is stepping up its operational resilience
How frontier AI has undermined the competitive CTF cybersecurity scene
The author argues that the Capture The Flag (CTF) cybersecurity competition scene is effectively "dead" due to the rise of frontier AI model

Are Wars Blurring Lines Between Corporate and National Security?
The Practical Cybersecurity Risks of AI Implementation
The article argues that AI systems, particularly LLM-based ones, will compromise cybersecurity not through sci-fi scenarios of superintellig

Comments
Sign in to join the conversation.
No comments yet. Be the first.