Three reasons this cyber-attack is cause for concern

First foreign cyber attack destroys pump in Illinois 

Cyber attack: rather than causing physical destruction through direct force or assault, a cyber attack infiltrates a technology and turns that technology against the systems it is designed to control. For the first time, we've had a foreign cyber attack in the United States. For more, read Technological Disasters, they're going to get worse.
An internet provider address traced to Russia is being described as the origin of a cyber attack that destroyed a pump at a water pumping station in Illinois. The pump was destroyed when attackers gained access to operational control software, which allowed the pump to be repeatedly turned on and off until it burned out. The pumping station is reported to serve a population of over 2000 people. Mainstream media is reporting that there were no interruptions in service because redundant systems were in place and sufficient.

The November 8 attack, described as the first foreign cyber-attack on the United States, has been acknowledged by the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI). Both DHS and FBI claim there is no imminent threat. The breach is connected with compromised passwords and security information from a civilian software vendor.

The media is also reporting that whoever hacked this system actually had access to Supervisory Control and Data Acquisition (SCADA) systems for three months. SCADA systems are widely used software that controls engineering systems for critical infrastructure. Nuclear power plants, power grid systems, waste treatment facilities, and some rail transportation systems use SCADA software. Read more on why you can't ignore your critical infrastructure.

Three reasons this cyber-attack is cause for concern:
  1. No early warning systems in place to detect an attempted or actual cyber-attack. This attack was discovered only after the damage had been done. There was no detection mechanism in place to alert of an attack or attack attempt. Without early warning/detection systems, there could be additional attacks on more critical systems at any point...or in progress. 
  2. This could have been a probing attack to evaluate vulnerability and assess reaction/response. A probing attack could indicate a larger cyber attack is on the horizon.
  3. Critical infrastructure lacks resiliency. Impact in this case was limited because redundant systems were in place and functional. Our power grid, by comparison, lacks functional redundancies. Had this attack shut down an electric generator or destroyed a vital component of the power grid, the outcomes could have been much more dramatic. More MJ posts on the power grid: Of Power Grids and Black Outs
"... [a] power grid/power supply that may be the most vulnerable (critical infrastructure). Several references have indicated that the Nation's power grid is the most "at risk" target we have. It stands to reason that the power generation and distribution network in any community would also be at risk..." Three Planning Problems for 2011 (MJ 12/2010)
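The early warning gap in reason 1 can be made concrete for the failure described above, a pump switched on and off repeatedly until it burns out. The following is an added example, not part of the original post: a short-cycling detector run over a constructed command log, where the log format, asset names and thresholds are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (timestamp asset command); not data from the incident.
SAMPLE_LOG = """\
2024-01-01T01:00:00 pump-1 START
2024-01-01T01:45:00 pump-1 STOP
2024-01-01T02:00:00 pump-2 START
2024-01-01T02:00:30 pump-2 STOP
2024-01-01T02:01:00 pump-2 START
2024-01-01T02:01:30 pump-2 STOP
# operator note
2024-01-01T02:02:00 pump-2 START
2024-01-01T02:02:30 pump-2 STOP
2024-01-01T02:03:00 pump-2 START
2024-01-01T02:03:30 pump-2 STOP
2024-01-01T02:04:00 pump-2 START
2024-01-01T03:00:00 pump-1 START
"""

def parse(log):
    """Yield (time, asset, command); skip malformed or unrelated lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] not in ("START", "STOP"):
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except ValueError:
            continue

def detect_short_cycling(events, max_starts=3, window=timedelta(minutes=10)):
    """Alert once per burst when an asset gets more than max_starts
    START commands inside a sliding window (assumed thresholds)."""
    recent, alarmed, alerts = defaultdict(deque), set(), []
    for ts, asset, cmd in sorted(events):
        if cmd != "START":
            continue
        q = recent[asset]
        q.append(ts)
        while ts - q[0] > window:      # drop starts older than the window
            q.popleft()
        if len(q) > max_starts:
            if asset not in alarmed:   # suppress repeats within one burst
                alerts.append((asset, ts, len(q)))
                alarmed.add(asset)
        else:
            alarmed.discard(asset)
    return alerts

if __name__ == "__main__":
    for asset, ts, n in detect_short_cycling(parse(SAMPLE_LOG)):
        print(f"ALERT {asset}: {n} starts within window at {ts.isoformat()}")
```

In practice the thresholds would come from the pump manufacturer's rated starts per hour, and the alert would go to someone outside the control system being monitored.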

