Is This the Year We See a Major Cyberattack on U.S. Critical Infrastructure?

Obvious statement alert: The world is totally dependent on its utility infrastructure—energy, water, sewage, etc. So, with that revelation out of the way, let’s talk about the state of cybersecurity in the energy sector.

When systems are first put online, they typically include some level of cybersecurity. Programmable logic controllers or sensors out in the field that communicate with master control systems miles away typically run antivirus software. Unfortunately, that software is rarely—if ever—updated. And since the only way to update that security software is over the Internet, updating it opens the door to additional vulnerabilities unless the proper filters are in place.

Cyber espionage is happening at an extraordinary rate with multiple nation-states targeting a variety of U.S. business sectors (government, technology, retail, etc.) to steal patents and other valuable intellectual property. Successful cyberattacks can shift the attacking nation-state’s place in the global economy or give it new geopolitical leverage against its enemies. But as bad as those attacks can be, their objective is typically not to disable a country’s economy or disrupt its ability to function. Most countries rely on international trade to sell their goods and obtain what they need. Knocking out your customers’ ability to buy your exports and sell you what they make would be a bad business decision for most nation-states.

“One of the reasons we have not seen a major control infrastructure attack on the United States, is not because the attackers aren’t capable, it’s because they haven’t really had the motivation,” said Harry Sverdlove, CTO for Bit9, during a recent video interview on cybersecurity for SCADA systems.

The Internet has created a level cyber battlefield, enabling smaller actors to tailor unique, targeted attacks, just as nation-states do. Smaller actors—without self-interest in the economic well-being of any nation—may be highly motivated to attack its critical infrastructure. This threat landscape creates many vulnerable new targets—such as the energy sector—which typically have never had to defend themselves against large volumes of cyberattacks. Just the increased threat of cyberattacks creates a financial burden for critical infrastructure operators. Primitive sensors attached to pipelines or power grids in remote locations are usually legacy hardware for a reason. Replacing this technology is expensive, and devising a plan to deploy enhanced protection is both costly and very difficult to achieve.

One way to reduce the cybersecurity risk is to make sure that vulnerable remote systems cannot be hijacked to perform tasks for which they were not designed. “At each point these systems are fixed-function, they should be using security software that locks them to that function so that nothing unauthorized can run on those systems,” says Sverdlove.

These vulnerabilities, Sverdlove notes in the video, don’t just imply loss of data. They also can lead to loss of life. Each point in the chain within our critical infrastructure needs to be locked down to prevent remote access by malicious parties and the spread of advanced malware. Unfortunately, it’s likely that within the next year we could see a major attack on the U.S. energy infrastructure. What we do before that happens will ultimately dictate the severity of the damage.

Watch the interview with Harry Sverdlove here

via Is This the Year We See a Major Cyberattack on U.S. Critical Infrastructure? | Bit9 Blog.
