Last month an attack was carried out on the Telvent, the maker of software and services meant to be used with smart grid networks. The attack was announced as a breach of Telvent's internal firewall and security systems, and Telvent officials said the attack included the installation of malicious software and the theft of project files for OASyS SCADA (supervisory control and data acquisition), software that bridges the gap between enterprise networks and activities in the field.
In a time where these SCADA systems are used to regulate the electrical grid through the Internet or over phone lines, a serious attack can result in electricity being denied to hundreds of thousands of people. Attacks on the infrastructure of our country are a real threat to the lives of citizens.
The attack on Telvent was believed to have come from a Chinese hacking team called the "Comment Group", according to Joe Steward, director of malware research at Dell SecureWorks.
Last year, the White House wrote a report titled International Strategy for Cyberspace. In that report it was written that
"When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. All states possess an inherent right to self-defense, and we recognize that certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners. We reserve the right to use all necessary means—diplomatic, informational, military, and economic—as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests."
If cybersecurity is so important we can go to war over it, isn't it about time we made sure our important infrastructure is safe from attack? It's unsettling to think that malware could make it into the systems that control electrical grids, and while the Department of Defense has been taking cybersecurity very seriously, attacks such as these are not targeting the government, they are targeting companies.
The military may need to step in and force companies that provide important infrastructure to increase their security offerings. A successful attack will do more than hurt the companies that are directly involved, after all.
No comments:
Post a Comment