Time to Stop Hitting the Cyber Snooze Button on US Infrastructure

Walking-onstreet/Shutterstock.com

Featured eBooks
Space Tech
Read Now

CDM

Read Now

Digital Transformation

Read Now
Jack Harrington By Jack Harrington

By Jack Harrington

|

There’s nothing special about the U.S. power grid that would protect systems from cyber terrorists.

Jack Harrington is vice president of cybersecurity and special missions at Raytheon.

When summer thunderstorms roll through, bringing a few scattered power outages in the coming weeks, we will be gently reminded of how critical electricity is to our daily comfort and ultimately our survival.

But what if the cause of the next outage is more sinister than a garden-variety disturbance of local weather patterns?

Power grids have proven to be vulnerable to cyber terrorists. Hackers interrupted a regional power supply abroad (in the Ukraine), and white hat hackers in the Midwest recently demonstrated there’s nothing special about our own grid that would protect our systems from the eventuality of a similar – and potentially much more damaging – fate.

This is precisely the type of scenario that should strike fear into the hearts of the cyber savvy. Those of us who make our bread and butter in the world of cyber defense have long warned of the possibility of cyberattacks that could threaten our critical infrastructure, our economy and our very way of life by extension.

We now have several real-life examples proving such fears are far from unfounded. One only needs to read the latest news headlines to understand that our cyber systems are already under attack from various adversaries, both at home and abroad.

If a threat to our power grid is not enough to frighten you (and it certainly should be), consider this: attacks targeting supervisory control and data acquisition, or SCADA, industrial control systems rose 100 percent in 2014 compared to the previous year, and in 2015 the financial sector and utilities paid the highest costs of cyber crime compared to other industries. 

We are already seeing more evidence and reports of cyberattacks on critical infrastructure, including power generation, water, transportation and health care as we head into summer. In fact, a Stuxnet-like malware was recently discovered targeting and probing our industrial control systems.

Fortunately, both deep defense-grade and commercial security solutions have been developed to protect critical infrastructure networks and withstand attacks, but we must continue to move the ball forward. Any organization without robust security programs and tools in place must consider immediate adoption to maintain safe and reliable operations. After all, it’s not only critical infrastructure that faces such risk.

In fact, Ukraine offered us yet another frightening example in 2014. In May of that year, hackers were able to cripple Ukraine’s electronic voting system in advance of a presidential election. Just imagine the chaos that might ensue if that were to happen here at home during the coming fall.

It’s uncomfortable to consider, but in a world where everything is connected and therefore vulnerable, the very foundation of our own democratic principles could quite simply be jeopardized by a motivated group of hackers.

It seems everyone agrees that after years of punting the proverbial ball downfield, it is now time to take possession and take charge. Last month, a Senate committee on homeland security and government affairs heard some compelling testimony from well-known TV anchor-turned-cyber author, Ted Koppel, who believes our nation is at risk of a crippling cyberattack.

Committee members generally agreed such an attack is not only possible but also likely. For that reason among others, Homeland Security Department officials are pushing for a reorganization of the National Protection and Programs Directorate that would more closely align government and industry efforts to protect our critical infrastructure from cyberattack.

This month, new legislation was introduced in the Senate to protect our electrical infrastructure from cyberattack. The Securing Energy Infrastructure Act proposes taking our industrial control systems offline in an effort to isolate them from insidious threats that can lurk in our always-on and always-connected networks.

While this approach might be a bit unconventionally retro in nature, it is heartening to see members of Congress working with industry to think about new (and old) ways to address a very real and difficult challenge.

But further thinking and action are needed on a global scale. By working with our allies and industrial partners across the globe to ensure information sharing about cyberthreats and attacks, we can do much to further secure our collective online existence.

Twenty years ago, a power outage in Ukraine would have barely been a blip on the global media’s radar. But in the age of the “internet of everything,” a regional power outage in Ukraine has just taken away our cyber snooze bar. Regardless, the consequences of oversleeping are far too great to consider ignoring the alarm for an extra nine minutes of peace.

NEXT STORY: 6 Employees Who Could Wreak Havoc at Your Organization

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.