Hacked into a corner? Lab seeks weapon against growing cyber threats U.S. Defense Secretary warns of "cyber-Pearl Harbor"
By Doug Page
While Congress wastes time on partisan burlesque, the vulnerability of U.S. cyber infrastructure increases and the country has no coordinated policy to mitigate the threat.
Early in October, Defense Secretary Leon E. Panetta warned that the United States faces the possibility of a “cyber-Pearl Harbor;” that the country is increasingly exposed to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government. Panetta’s warning was a reaction to fears that growing aggression by adversaries like Iran and al-Qaeda, coupled with their increasing technological sophistication, has left the United States vulnerable to widespread attack.
Panetta used the August attack on the Saudi state oil company Aramco’s corporate network as an example, when hackers erased document files, spreadsheets and e-mails on 30,000 company PCs.
The financial sector is a favorite target of hackers. Bank of America, Wells Fargo, Capitol One and other financial institutions were all hit this summer by denial-of-service attacks, in which hackers use a high volume of incoming traffic to delay or disrupt targeted websites.
Also in August, an Obama administration cyber security bill was blocked by Republicans, led by Sen. John McCain, who, siding with the U.S. Chamber of Commerce, said it would be too burdensome for corporations.
Meanwhile, one national laboratory has gone ahead with cyber-security research without a congressional mandate. You can see what the future of cyber-security in the energy sector might look like from safeguards taking shape at the Idaho National Laboratory. Researchers there are opening new protective circuits to help make the energy industry more resistant to cyber-attack.
The lab recently demonstrated a suite of security tools that gives utility operators the ability to monitor networks and control systems in new ways so they can better protect critical networks. The Sophia situational awareness software was among the tools demonstrated.
“Sophia can be configured to automatically detect unusual activity that may present a security concern,” said Robert Erbes, the INL cyber-security researcher leading the demonstration. When not sensing anomalies or security breaches, Sophia also passively observes network communications, providing both real-time and historical records of those communications, Erbes said.
Erbes said these tools provide visibility and situational awareness of computer networks used in energy delivery systems. The INL tools are used to profile and understand the interrelationships between computers and their communication pathways.
“Using the knowledge made accessible by these tools, individuals responsible for maintaining and protecting energy delivery systems will have a significantly easier time identifying malicious activity on their networks, while also enabling them to respond appropriately,” Erbes said.
Further information can be found on the Sophia website sophiahome.inl.gov.