April 8th, 2009

Grid spyware: Deregulation bites us again

Posted by Richard Koman @ April 8, 2009 @ 12:22 PM

Categories: Government technology

Tags: Network, Deregulation, Spyware, Cybersecurity, Internet, Security, Richard Koman

The news that Chinese and Russian spies have infiltrated the U.S. electrical grid comes just as the Obama Administration is winding down its cybersecurity review.

Some interesting data points:

• A few weeks back, I posted that Air Force Gen. Kevin Chilton told Congress that the military has an interest in the security of private networks and that Stratcom may well be the place for that responsibility.
• A month ago, Rod Beckstrom quit director of the National Cyber Security Center because, he said, the National Security Administration is dominating cybersecurity efforts.
• In the revelations about the grid-spying, did you note that it was the intelligence forcd, not the utility operators, that detected the spyware?

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

As Larry notes, the vulnerability isn’t news to the security community. Forbes quotes Beckstrom:

Given the inherent vulnerability of any system connected to a network, stories like this don’t surprise anyone in the business,” Rod Beckstrom, the former Department of Homeland Security’s top official for cybersecurity told Forbes in an interview. “If the reports are true, the interesting question is, what’s the intention behind sharing this information at this time?”

Isn’t this yet another case of America being weakened by a brain-dead adherence to the failed philosophy of deregulation? Listen to Andrew Storms, director of security ops at nCircle (in an email to me):

The nations infrastructure is an incredibly important cog in the US livelihood. While security professionals have been taking the network-based threats of these installations more seriously since the National Infrastructure Protection Plan (NIPP) first introduced in 2002, regulations lacked significant teeth. This combined with the continued desire for past administrations to prefer a public/private partnerships where the private entity did most of the work with little support, meant that few laudable goals were ever met.

The Internet dismantles all geography and the potential outcome of the new threats are only now starting to be widely realized. The new war is already being fought on the Internet, it is the new conflict zone. Recent events have only skimmed the potential. These included the wide spread DOS attacks reportedly from Russia on neighbors Kyrgyzstan, Georgia and Estonia. And in Asia, many reports indicate that China and Taiwan have been in an Internet Spy vs Spy game for many years. Why should a country send boots to the US when they can attack our power plants from the comfort of their easy chair? Not to mention with high speed Internet access so widely available, everyone becomes a potential troop.