The April Popular Mechanics has a cover story on the vulnerability of US infrastructure to a major cyber attack.
One trick they described was the USB Drive Drop, where the hacker drops a USB drive loaded with rootkit software that automatically installs when an employee plugs the USB drive into his work computer. It bypasses the firewall and the hackers have control.
Most experts agree that China and Russia routinely probe our industrial networks, looking for information and vulnerabilities to use as leverage in any potential dispute. James Lewis, a cyber-security expert for the policy think tank Center for Strategic and International Studies (CSIS), says that although cyber warfare couldn’t cripple the U.S., it could serve as an effective military tactic. “If I were China, and I were going to invade Taiwan,” he says, “and I needed to complete the conquest in seven days, then it’s an attractive option to turn off all the electricity, screw up the banks and so on.” Could the entire U.S. grid be taken down in such an attack? “The honest answer is that we don’t know,” Lewis says. “And I don’t like that answer.”
In January 2008, senior CIA analyst Tom Donahue dropped a bombshell on a small conference of government officials and power-company engineers from the U.S. and Europe. He told them that extortionists had managed to hack into utilities in multiple regions outside the United States and disrupt power equipment. “In at least one case,” he said, “the disruption caused a power outage affecting multiple cities.” The CIA has been highly secretive about the incident, and Donahue would not discuss where the blackouts occurred or what companies were affected. But he admitted that the CIA had no idea who had perpetrated the attacks. Hackers had shaken down a public utility, it seems, and had gotten away with it.
Could hackers take down key parts of our infrastructure? Experts say yes. They could use the very computer systems that keep America's infrastructure running to bring down key utilities and industries, from railroads to natural gas pipelines. How worried should we be about hacking, the new weapon of mass disruption?
The most frequently told anecdote in the world of infrastructure cyber security is that of Maroochy Shire. The incident, which occurred in Queensland, Australia, is viewed by many in the industry as an object lesson in the damage that can be done when someone with computer skills and a grudge takes aim at a public system. In 2000, Vitek Boden, a computer expert in his late 40s who had been turned down for a job in municipal government, rigged up his laptop computer to a radio-frequency wireless transceiver to hack into the city’s computerized wastewater management system. Over the course of two months, Boden broke into the system 46 times, instructing it to spill hundreds of thousands of gallons of raw sewage into rivers, parks and public areas. He was finally caught when a police officer pulled him over and found control-systems equipment in his car. The reason the Maroochy Shire incident is recounted so frequently is that it shows how difficult it is to thwart hackers who want to disrupt the infrastructure, since attacks can come from almost anywhere. An insider with detailed knowledge could target a specific company’s system, or a hacker could launch an anonymous Internet assault from a distant country.
http://www.popularmechanics.com/technology/military_law/4307521.html
http://www.popularmechanics.com/technology/military_law/4307528.html