Stuxnet has fascinated and horrified the cybersecurity community for a large chunk of 2010. Its many zero-day exploits, its ability to cloak itself, its ability to precisely control the functioning of industrial machinery! You can say the worm is the stuff of security researcher nightmares *and* dreams.
So, today, when I moderated a panel for an Atlantic event on cybersecurity and infrastructure at the Washington Press Club, I obviously wanted to know what my panelists thought of the software. I asked specifically that they go beyond the standard "This is an existence proof for our worst fears" kind of lessons to find more subtle implications.
The most interesting answer I got was from Bill Hunteman, senior advisor for cybersecurity in the Department of Energy. "This is but the beginning," Hunteman said. The advanced hackers who built Stuxnet "did all the difficult work," and now the pathways and methods they developed are going to filter out to the much larger group of less talented coders. Copycats will follow.
And that should frighten you a little. Because at the same time that the possibilities of hacking industrial infrastructure have been exposed, we're in the process of making more infrastructure accessible via networks. Smart grid deployments, current and future, are going to connect all kinds of new devices and machines and we're not sure how hackers are going to go after them.
We can play whack-a-mole and close security loopholes, follow good protocols, and take adequate precautions, but another theme that emerged in the discussion is that cybersecurity measures alone are not going to protect the grid. The grid itself -- smart and dumb parts alike -- has to use more resilient architectures, so that damage to one part of the world's greatest engineering achievement doesn't cause cascading failures across the whole thing.
Now, we're taking some baby steps to think about all the interconnected systems. Ten million dollars have been allocated to create a National Electric Sector Cyber Security Organization that would become the main cybersecurity center for grid infrastructure. But that's just $10,000,000, and all the DOE cybersecurity grants total $30,000,000. Major investor-owned utilities sold $276,000,000,000 worth of electricity in 2009. Granted this is just part of the government's cybersecurity program, but I'll just note that there are a lot of 0s separating what we're investing in defense and what the market is worth.