I was browsing cnet.com recently, and I noticed a story that caught my attention, entitled "Just how vulnerable is the electrical grid?" After reading it, it occurred to me that the huge network known as the internet is the culprit of many a crime, as well as the conduit for possible crimes. What struck me as extremely odd though, was that a company in charge of something as important as creating and distributing electricity would leave themselves open to numerous forms of cyberattack. Internet Protocol, or IP for short, has never been known for its safety, and it is surprising that such an important network would be able to be accessed using this protocol. According to the article, Industrial Defender, a computer security company, tested the network about 100 times and found about 34,000 vulnerabilities in the network. That's right, that is thirty-four thousand different ways that someone could break into the network, and according to another article, a group has already done so. Apparently, whoever they were, they were able to implant software onto the compromised systems that could potentially be used to disrupt the systems.
While modernization is usally taken as a good thing, I think it is safe to say that sometimes it is better, and safer, not to, especially when the best reason to do so is for ease of access by employees. In a computer networking class that I took in high school, I learned that when it comes to a network, especially one for a business, the number one priority is network security, all else comes after this. It would seem that these utility companies have either forgotten or forsook this.
The links to the articles mentioned are here and here
-Thomas Pearson
Subscribe to:
Post Comments (Atom)
If you ever saw last year's Bruce Willis film LIVE FREE OR DIE HARD, it was inspired by a WIRED article by John Carlin, titled, "A Farewell to Arms" (which receives credit in the film). The original article, which is non-fiction, deals with some of the fears you expressed in this blog post. (You can find it here: http://www.wired.com/wired/archive/5.05/netizen.html)
ReplyDeleteBack when I was working and studying in defense circles, and completing my first master's degree (in national security studies), there was a lot of talk about domestic terrorist groups attacking our utilities, particularly our electric utilities and grids. The Internet was in pre-embryonic stages back then -- it was still mostly a zygote of its current self. These white supremicist groups were planning (and sometimes attempting) old-school, non-Internet attacks on those power grids. It's a target we've been talking about for a long time. And, as you note, we've been treating it too lightly for most of that time.