Thursday, October 15, 2015

Online Attacks on Infrastructure Are Increasing at a Worrying Pace

For the last four years, foreign hackers have infiltrated the Department of Energy's network 150 times through stolen source code and blueprints to water and oil pipelines and the power grids of the US. The number of attacks against industrial control systems has more than doubled since 2013, causing some people to fear that a "cyber-Pearl Harbor" could occur in the near future.

Many attacks have happened recently. The Department of Homeland Security was just looking into an attack against 1,000 European and American energy companies last year. There were also attacks on Sony and Telvent. The most significant attack was on the world's largest oil company, Saudi Aramco, in 2012.

As in the Cold War, larger countries such as China and Russia have less of an incentive to attack the US because they fear retaliation. However, there has been concern about possible attacks by Islamic State militants, who have been exploiting social media for their own gain.

Hackers have increasingly been finding new ways to break into systems without being caught. With cyber and control systems, it's hard to know for sure who is responsible. Forensic investigations have not been completely successful in solving such hacking cases because it's hard to tell exactly what happened and whether it was intentional.

How should the US go about increasing online national security? Can the Department of Homeland Security do something that would prevent these hacks from occurring, and how can we prosecute those guilty of the crimes? When hacks occur, how do they affect company management and the bureaucracy? How is technology affecting security, both at a national and personal level, and is it worth the potential risks?

NY Times
Wall Street Journal Blog

2 comments:

Jonathan Liu said...

Personally, I believe the most effective method of combating cyber-attackers and increasing national internet security would be to establish a new organization centered around technological warfare and cyber-security. Although we do have the Department of Homeland Security, it seems unnatural to me to allow it to protect the corporations too. The way I see it, homeland by definition relates to the physical United States, while the internet, and the corporations being attacked, are not owned by the US and don't quite fall into the same jurisdiction. Especially with the increasing prevalence of technology in the world, it doesn't make sense to have Homeland Security continue to face these threats. By creating a new organization, more funding and attention would be placed on these issues, and more expertise would be developed solely on these, hopefully helping the problem. Of course, as technology gets better, attacks like these will still be a problem, but dedicated agencies would definitely be a strong countermeasure.

Scott Chow said...

Well, Jonathan, there actually just so happens to be such a task force already created under the U.S. Army. It is called the Intelligence and Security Command (INSCOM), and it's the "premiere cyber task force," according to this pamphlet that they're handing out at HackingEDU. And before anyone says they've never heard of it before, that's probably because it didn't start out with that name. INSCOM is a distant descendant of the Communication Security Agency, which was used to manage communications throughout WWI and later to break Nazi codes in WWII (http://fas.org/irp/agency/inscom/history.htm). I think part of the issue is the type of defense we try to put up in an effort to block these cyber attacks; our current method of trying to block everything as it comes is ridiculous and impractical. Any cyber terrorist force would eventually be able to attack through the weakest points in our defense due to the nature of cyberspace and the constantly evolving field of malware and exploitation methods. Sadly, I don't have an answer for what we need to do to combat this threat. Thankfully, we have some smart people at INSCOM trying to tackle it.