Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Bad new world: Cyber risk and the future of our nation

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 23 Sep 2011 04:49:46 -0500 (CDT)
http://www.csoonline.com/article/690276/bad-new-world-cyber-risk-and-the-future-of-our-nation

By Michael Assante
CSO
September 22, 2011
In September 2007, in a remote laboratory in Idaho, researchers began to show that that picture had begun to change, dramatically and irreversibly. Dubbed "Aurora," the researchers' project demonstrated the ability of a cyber hacker to destroy physical equipment—in this case a generator used to create electricity for the power grid. The Aurora research brought the question of physical safety and the ability for a nation to defend itself from attack in the cyber world to the forefront. For the next three years, this difficult discussion would largely remain just a discussion, contemplated, if passionately, in corners of Washington and at wonk-ish meetings across the U.S.
The first dramatic images of a generator shaking and belching smoke were vivid enough to force the informed to begin to consider the implications of such an attack occurring in the real world. We began to envision scenarios of a broad-scale attack on U.S. infrastructure, with the potential to cause blackouts that could last for months, contaminate our water supply, and cause industrial disasters. Forget Facebook—we began to worry about our ability to keep the lights on.
In 2010, along came the Stuxnet Worm, which took the hypothetical scenario extrapolated from the Aurora research and proved not only that it had been done, but also that it was released and traveling through cyberspace undetected. The worm carried with it all of the potential outcomes of Aurora to be triggered by a packaged-up set of autonomous code. Now the risk was real and it became very vivid. [Editor's note: Read the full text of Assante's Congressional testimony on Stuxnet (PDF, registration required).]
For the first time in a public forum we could read about a real-world scenario with physical consequences playing out as a result of an attack from a remote computer. In our minds' eyes, the images of toxic vapor rising from a chemical processing plant or a series of explosions at power plants across the country began to crystallize. 

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Previous By Date Next
Previous By Thread Next

Current thread: