Cyberthreat to Vital Infrastructure: This is Not a Movie

In the 2007 film “Live Free or Die Hard,” NYPD Detective John McClane (Bruce Willis) is on a mission to stop a group of terrorist-hackers who have crashed the stock market and are targeting America’s infrastructure, including the FAA and the transportation system. They want to shut the country down.

ABC News recently broke a story showing that since 2011 such a possibility has not been just the stuff of movies. Russian hackers (believed to be state-sponsored) have planted malware in software that runs much of America’s power infrastructure, including nuclear plants, oil and gas pipelines, and power transmission grids. In other words, they could plunge much of the country into a blackout the likes of which have not been seen since 2003, when 55 million people were without power for days because of a software bug in a power company’s alarm system. That bug was a flaw – this “bug” is a weapon. ABC reported:

A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security. National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.

The official alert from the Department of Homeland Security – Ongoing Sophisticated Malware Campaign Compromising ICS – is a very boring read. It looks like just another cybersecurity warning, with no indication of the potential chaos that could be unleashed by this virus.

The malware targeted SCADA (Supervisory Control And Data Acquisition) systems that are essential for running large distributed operations such as power plants and power lines. In the past SCADA systems tended to be proprietary and operated over private communications networks. As described in the Wikipedia entry on SCADA,

The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems, office networks, and the Internet has made them more vulnerable to types of network attacks that are relatively common in computer security.

In other words, attacks such as this one are likely to become more common.

