Thursday, April 9, 2009

Hackers breach US electric grid


News of a recent security breach in the US electrical grid is prompting new security worries and calls for better protections.

A Tuesday report by the Wall Street Journal claimed that spies from China and Russia had breached security protections on American electrical grids and had installed software which could have been used to cripple systems such as water treatment centres and power plants through the compromised grids.

The report noted that no malicious activity had taken place. However, given the severity of such an attack, security experts are issuing dire warnings that protections must be improved.

Phyllis Schneck, vice president of threat intelligence for McAfee said the incidents show just how deep our dependence on IT has become, and how vulnerable populations can be when electrical grids are compromised.

"The very high level of this is that a cyber event can cause a catastrophic physical event," Schneck explained.

"As humans it tends to be our habit to build for availability before we put security in, this is awake up call in building sec into every layer of our infrastructure."

The possibility of a cyber attack on public utilities is not new. Last year, the US government released the findings of its Cyber Storm 2 exercise which simulated an attack on both corporate and government IT systems across a number of countries.

At the time, the groups admitted that all sides needed to improve, particularly regarding communication and interaction in the event of an attack.

To Schneck, today's events only reaffirm the need to improve understanding and protection of those government and private infrastructure systems.

"Today's story is not the first, it won't be the last and it's not new," said Schneck.

"This really should be a wakeup call, because we have not yet made securing these systems the priority that it needs to be."

No comments:

Post a Comment