Homeland Security: Attacks on U.S. Infrastructure on the Rise
- Cyber attacks on U.S. infrastructure are up to 342 reported so far this year from 116 in 2010.
- The Homeland Security Department’s Cyber Analysis Center tracks and responds to infrastructure threats and intrusions.
- Reporting intrusions or threats is currently voluntary and up to the private utility company.
IDAHO FALLS, Idaho (The Blaze/AP) — It’s only natural for our country’s power grids, water systems and other infrastructure to start hooking up to the Internet, but this is making them increasingly vulnerable to cyber attacks. Attacks that the Homeland Security Department says are increasing.
According to the Homeland Security Department, Control System Security Program cyber experts responded to 116 requests for assistance in 2010, and have been called in for nearly triple that (342) so far this year.
During a media tour Thursday of secretive defense labs intended to protect the U.S. power grid, water systems and other vulnerable infrastructure, acting DHS Deputy Undersecretary Greg Schaffer said that the world’s utilities and industries increasingly are becoming vulnerable as they wire their industrial machinery to the Internet.
The HSD’s control system program includes the emergency response team, a Cyber Analysis Center where systems are tested for vulnerabilities, a malware laboratory for analyzing cyber threats and a classified “watch and warning center” where data about threats are assessed and shared with other cyber security and intelligence offices. The offices are located at nondescript office buildings scattered around Idaho Falls. No signs announce their presence.
“We are connecting equipment that has never been connected before to these global networks,” Schaffer said. Disgruntled employees, hackers and perhaps foreign governments “are knocking on the doors of these systems, and there have been intrusions.”
Under current law, the reporting of cyber attacks by private organizations is strictly voluntary, although the Obama Administration has proposed making reporting mandatory. DHS could not provide details on the attacks due to confidentiality agreements.
Officials said they knew of only one recent criminal conviction for corrupting industrial control systems, that of a former security guard at a Dallas hospital whose hacking of hospital computers wound up shutting down the air conditioning system. The former guard was sentenced to 110 months in prison in March.
Marty Edwards, chief of the control system security effort, said the malware lab analyzed the Stuxnet virus that attacked the Iranian uranium enrichment facility in Natanz last year. He did not describe the group’s findings in detail, except to say that they confirmed that it was “very sophisticated.”
Edwards said that several years ago he had asked the German company Siemens to study the same kind of industrial controllers used at Natanz for vulnerabilities to attack, because they were so widely used in industry.
But he said the study was not part of any effort to target the controllers with malware, and said his program’s work on the controllers could not have helped Stuxnet’s designers.
A senior Homeland Security cyber official, who spoke on condition of anonymity because of the sensitivity of the topic, said the Stuxnet worm exploited well-known design flaws common to many system controllers, vulnerabilities that in general can’t be patched.
Many independent experts and former government officials suspect that Stuxnet was created by the United States, perhaps with the help of Israel, Britain and Germany.
The U.S. and other nations believe Iran is building a nuclear weapons program, but Tehran insists it is interested only in the peaceful uses of nuclear technology.
While U.S. officials talk frequently about the threat of cyber attacks to America, they seldom discuss the country’s offensive cyber weapons capability. The U.S. is thought to be the world’s leader in cyber warfare, both defensive and offensive.
U.S. officials and others long have feared that future wars will include cyber assaults on the industries and economies of adversaries, and the potential targets include power plants, pipelines and air traffic control systems.
Foreign nations could also target military control systems, including those used for communications, radar and advanced weaponry.
Because of its advanced industrial base and large number of computer controlled machines connected to the Internet, the U.S. is thought to be highly vulnerable to a cyber attack on its infrastructure.
In a 2007 test at the Idaho National Laboratory, government hackers were able to break into the control system running a large diesel generator, causing it to self-destruct.
Watch the generator as it shakes, shudders and finally halts in a cloud of smoke:
James Lewis, a former State Department official now with the Center for Strategic and International Studies in Washington, said in an interview that the Aurora test ushered in a new era of electronic warfare.
Before the test, he said, the notion of cyber warfare “was mainly smoke and mirrors. But the Aurora tests showed that, you know what? We have a new kind of weapon.”
Homeland Security officials said they have not conducted such a test on that scale since. But they demonstrated Thursday how a hacker could tunnel under firewalls in computer systems to take command of industrial processes.
“All systems deployed have vulnerabilities,” Edwards said.
- John McCain Lectures Tea Party Senator on How ‘Business’ Gets Done in Congress: ‘That’s What We’ve Been Doing for a Couple Hundred Years’ 577 Comments
- Boy Scouts of America Vote to Allow Gay Members 513 Comments
- Pope Francis’ Sermon Sparks Debate: ‘Even the Atheists’ Have Been Redeemed ‘With the Blood of Christ’ 492 Comments
- Obama Doesn’t Return Marine’s Salute, Shakes Hand Instead — Is This a Protocol Misstep? 383 Comments
- Piers Morgan Bans Dana Loesch From His Show Following Twitter Spat: ‘Show Some Bloody Respect’ 335 Comments
- Game-Changing Bombshell? There’s a Major Twist in the Story About a High School Student’s Lesbian Relationship With a Minor 307 Comments
- Is the Boy Scouts’ Gay Amendment the ‘Beginning of the End’ for the Group? (Plus: Tell Us Where You Stand) 264 Comments
- MSNBC Hosts Martin Bashir and Chris Hayes Claim London Machete Killers Aren’t Terrorists: ‘These Are Just Murderers’ 148 Comments
- Did You Catch the Possibly Policy-Changing Ft. Hood Reference in Obama’s Terror Speech? Read More
- Dem. Rep. Apologizes for Attending ‘Racist, Anti-Semitic and Homophobic’ Speech Read More
- Have You Had Scotch at a NJ TGI Friday’s Lately? You Might Have Been Drinking Rubbing Alcohol Read More
- Venezuelan President Blames Toilet Paper Shortage on the Rich Read More
- This Terrible Chart Shows the Change in Food Stamp Participation Over the Last 10 Years Read More
- Disney Makes Absolutely Mortifying Photoshop Mistake Read More
- Trey Gowdy at It Again — This Time with a Jack Bauer Reference! 117 Comments
- LOOK: Woman Claims to Have Photographed UFO in California Read More
- Lion Named ‘Bonedigger’ and Small Dog Make Most Unlikely Companions Read More
- Rocket Bike Sets Land Speed Record — and Uses a Fuel You Wouldn’t Expect Read More
- How 3D Printing Technology Created a Special Part for Baby’s Windpipe and Saved His Life Read More
- 6 Fascinating Spy Gadgets You’ll Probably Want (and Can Have) After Seeing Read More
- Penguins rip Ottawa 6-2, move to conference finals
- NKorean envoy delivers letter to China's president
- Sanchez loses no-hit bid in 9th, Tigers beat Twins
- Zimmermann wins 8th; Nationals top Phillies 5-2
- Ex-Guatemala president extradited to US
- Calif. teen takes supermodel to prom
- Kuchar leads Colonial when 2nd round suspended
- Judge: Ariz. sheriff's office profiles Latinos