For the last four years, foreign hackers have infiltrated the Department of Energy's network 150 times through stolen source code and blueprints to water and oil pipelines and the power grids of the US. The number of attacks against industrial control systems has more than doubled since 2013, causing some people to fear that a "cyber-Pearl Harbor" could occur in the near future.
Many attacks have happened recently. The Department of Homeland Security was just looking into an attack against 1,000 European and American energy companies last year. There was also an attack on Sony and Televent. The most significant attack was on the world's largest oil company, Saudi Aramco, in 2012.
Like in Cold War situations, larger countries such as China and Russia have less of an incentive to attack the US because of the fear of retaliation. However, there has been concern about possible attacks by Islamic State militants who have been exploiting social media for their own personal gain.
Hackers have been increasingly finding new ways to hack into systems without being caught. With cyber and control systems, it's hard to know for sure who is the suspect. Forensic investigations have not been completely successful in solving such hacking cases because it's hard to tell what exactly has happened and if it was intentional or not.
How should the US go about increasing online national security? Can the Department of Homeland Security do something that would prevent these hacks from occurring, and how can we persecute those guilty of the crimes? When hacks occur, how does it affect company management/the bureaucracy? How is technology affecting security, both at a national and personal level, and is it worth the potential risks?
Wall Street Journal Blog