Hackers linked to Russia’s government launched a cyberattack last spring against municipal water plants in rural Texas. At one plant in Muleshoe, population 5,000, water began to overflow. Officials had to unplug the system and run the plant manually. The hackers weren’t trying to taint the water supply. They didn’t ask for a ransom. Authorities determined the intrusion was designed to test the vulnerabilities of America’s public infrastructure. It was also a warning: In the 21st century, it takes more than oceans and an army to keep the United States safe. A year later, countries around the world are preparing for greater digital conflict as increasing global tensions and a looming trade war have raised the stakes — and the chances that a cyberattack could cause significant economic damage, disrupt vital public systems, reveal sensitive business or government secrets, or even escalate into military confrontation. The confluence of events has national security and cyber experts warning of heightened cyberthreats and a growing digital arms race as countries look to defend themselves. At the same time, President Donald Trump has upended America’s digital defenses by firing the four-star general who led the National Security Agency, shrinking cybersecurity agencies and slashing election cybersecurity initiatives. Businesses now are increasingly concerned about cyberattacks, and governments have moved to a war footing, according to a report this month by NCC Group, a British cybersecurity firm. “The geopolitical dust is still settling,” said Verona Johnstone-Hulse, a London-based expert on government cybersecurity polices and the report’s co-author. “What the new normal looks like is still not yet set.” Many in the U.S. are already calling for a more muscular approach to protecting the digital frontier. “Hybrid war is here to stay,” said Tom Kellermann, senior vice president of cyberstrategy at Contrast Security. “We need to stop playing defense — it’s time to make them play defense.” Digital life means more targets for hackers Vulnerabilities have grown as people and businesses use connected devices to count steps, manage finances and operate facilities such as water plants and ports. Each network and connection is a potential target for foreign governments or the hacking groups that sometimes do their bidding. Espionage is one motive, demonstrated in a recent incursion linked to hackers in China. The campaign known as Salt Typhoon sought to crack the phones of officials, including Trump, before the 2024 election. These operations seek entry to sensitive corporate or government systems to steal secrets or monitor personal communications. Such information can be hugely valuable by providing advantages in trade negotiations or military planning. These hackers try to remain hidden for as long as possible. More obvious intrusions can serve as a warning or deterrent, such as the cyberattacks targeting the Texas water plants. Iran also has shown a willingness to use cyberattacks to make political points. The cyberattacks that frighten experts the most burrow deeply into telephone or computer networks, inserting backdoors or malware for later use. National security experts say this was the motivation behind a recent attack from China called Volt Typhoon that compromised telephone networks in the U.S. in an effort to gain access to an unknown number of critical systems. China could potentially use these connections to disable key infrastructure — power plants, communication networks, pipelines, hospitals, financial systems — as part of a larger conflict or before an invasion of Taiwan, national security experts said. “They can position their implants to be activated at a date and time in the future,” said Sonu Shankar, a former researcher […]