Are you ready for your cyber attack?
The nature of warfare changes constantly. Static trench warfare played a big role in WWI, but improved air power and a more mobile battle tank brought much greater fluidity to WWII, making trenches obsolete. Later wars erased the idea of a front line altogether. WWII more importantly, became the information war.
For example, the German Enigma machine, a cypher, let the German High Command communicate with its far-flung resources without fear of the Allies reading its communiques. Simultaneously, a small army of code breakers in the UK, Alan Turing among them, worked feverishly to decipher the Wehrmacht’s orders. For that process, the code breakers invented several digital programmable computers. They worked so well that after the war, timid and short sighted leaders disassembled the computers deeming them too dangerous should they fall into the wrong hands.
Fast forward 70 years and the 1945 authorities actually appear quite prescient. Their worst fear about information technology and security seemed to come true. As engagements in hot wars subside, other forms of information warfare are being waged almost anywhere a significant installation has an Internet connection. A speaker at a technical conference recently remarked that to see something scary, try monitoring the controls of a significant facility while hackers attempt to gain access. When they pose as authorized workers, hackers could reset controls to increase power outputs, turn them off altogether, or make selections that could damage equipment.
One documentary on YouTube.com (See why Obama fears China’s hackers, probably so titled to capture U.S. attention) interviews several Australian government officials and business leaders dealing with the problem. The image the producers present is one of pervasive and relentless intrusions.
On the business side for instance, Codan Ltd, an Australian manufacturer of metal detectors and military radios, discusses how its design for a metal detector was stolen, copied, reproduced, and sold on the open market. The company discovered the theft when one of the copies came back to the company for warranty work and its sloppy circuit boards and other clues gave the fake away. Suspecting industrial espionage, a close inspection of company computers found malware had infected many of them. Investigators surmise that a salesman in a hotel room could have picked on click bait (such as a fake Viagra ad). The action told intruders an unprotected computer of interest was online. With the malware downloaded, the unwitting salesperson took the infection back to his company. There, it likely enabled the theft of more critical secrets, such as those that let once-secure military radios manufactured by the company perform with no more security than a trucker’s CB radio. Almost invariably, intruders are traced back to China.
The feature article in this issue just scratches the surface of the problem of cyber intrusions and security for utilities. The internet has brought bad guys right to the front door of control rooms. If they can pick the lock, they can appear as authorized users with unfriendly intentions.
Cyber experts don’t guess that an attack might come to the grid. It already has and will come again. Forewarned is forearmed.