 |
| In this file image from video released by the Department of Homeland Security, smoke pours from an expensive diesel electric
generator during a March 2007 demonstration by the Idaho National Laboratory, which was simulating a hacker attack against
the US electrical grid. Dept. of Homeland Security/AP/file |
New U.S. tack to defend power grid
Lawmakers are on alert as hackers increase attacks on US infrastructure.
By Mark Clayton | Staff writer of The Christian Science Monitorfrom the October 30, 2007 edition
Page 1 of 3
For nearly five years, the US government has struggled to guard the nation's electric grid, drinking water, and other critical infrastructure from cyberattack. But as hackers continue to infiltrate such systems, and as reports surface of a surge in computer attacks on the electric grid, experts and lawmakers have an urgent message for the Bush administration: Cybersecurity defenses need an overhaul.
US lawmakers are pressing for a new approach that focuses more on systems that can rebound if infiltrated than on building ever-stronger "fire- walls" to keep hackers out.
On Tuesday, lawmakers on a House Homeland Security subcommittee are expected to unveil a blue-ribbon commission charged with developing a new national cybersecurity strategy in time to offer the next president.
The Bush administration, meanwhile, is close to unveiling a new cybersecurity approach of its own, an administration official told the Monitor. National Security Agency expertise may be deployed to help protect vital control systems of the electric grid and other key infrastructure, The Baltimore Sun reported last month.
"Times are changing very quickly here, and cybersecurity that was good enough even a couple of years ago – the strategy and approach – is obsolete," says Scott Borg, director of the US Cyber Consequences Unit, a nonprofit security think tank that advises government and industry.
"We do have a growing problem as our adversaries focus on critical infrastructure," concurs Amit Yoran, CEO of Netwitness, a network security firm, and former director of DHS's National Cyber Security Division. In the event of a cyberattack on any critical piece of infrastructure, "what we need is a layered defense in which the overall system is still available – and not a systemic failure."
Both men have been tapped to serve on the new congressional commission.
Driving such concerns are reports that malicious attacks are rising on specialized computer-control systems that open and shut valves on natural-gas pipelines, throw circuit breakers on power lines, and make telecommunications and defense networks, nuclear-power plants and hydro dams do their jobs.
If hackers half a world away break into and commandeer these "supervisory control and data acquisition," or SCADA, systems, then the US grid, pipelines, and other key infrastructure connected to the Internet are vulnerable to interruption or damage, experts say.
RSS feed
