Attacks on Control Systems
It is very important to mention that
our very lives depend on Control Systems that manage the behavior of complex and
critical components of the global industrial infrastructures such as transportation,
water, power grid, gas, oil, food industry, and pharmaceutical. Thus, securing these
control systems becomes government top priority and national security matter.
According to the U.S. Department of
Energy (DOE) and commercial security consultants, control systems are
vulnerable to cyber attacks and their reliable operations are at risk.
Now let us ask the ultimate question; what
would happen if the control systems were hacked?
Stuxnet virus proved that we should
expect another Chernobyl if similar attacks on control systems happen. Stuxnet was
created and designed by the U.S to target the Iran's Uranium-Enrichment Center
at " Natanz, which has 7,000 centrifuges " and was "inserted ...
by Israeli agents." Its "... payload was rocket science; it's way
above everything that we have ever seen before.
The attack was the beginning of a new era
of wars with new dimensions; the Binary Attacks. The virus was not a self-destructive
program and its source code could be reverse engineered. Therefore, could be
sold in the black market to terrorists. Although the aim of the attack was to immobilize
the country's nuclear capabilities, that country now has a modern weapon with
high level of destruction with low cost! The attacker just served his/her victim.
Stuxnet attack was a turning
point so that governments all over the world started changing their defense
strategies and tactics against a silent weapon that has tremendous power of destructions.
On 12 February 2014, the U.S National Institute of Standards & Technology
(NIST) released the "Framework for Improving Critical Infrastructure
Cybersecurity". The framework completes Obama Administration’s 2013
cybersecurity Executive Order. The Australian government made same announcement
by introducing the Australian Cyber Security Centre (ACSC).
To encourage scientists and researchers in the
field of Cyber security, governments and other contractors propose funds to strong
projects and ideas. The National Science Foundation (NSF) is an active source of money that scientists and
students, at certain levels, can count on it.
Source:
http://apo.org.au/research/cybersecurity-executive-order
Finnie, S. (2012). Stuxnet Was a Wake-up Call, But Don’t Fall Back Asleep. Computerworld, 46(12), 60–60
Hey Youssef,
ReplyDeleteI did some research on Stuxnet a while ago and let me tell you, that was some scary stuff. To answer your question "what would happen if the control systems were hacked?", I really do not know. I'm almost positive the nation would be in chaos even riots. Its scary to think that all of our important industrial infrastructures such as transportation, water grid, oil and electricity are all controlled from a specific control system, and it all is based off our technology.
I think that there should be more oats such as these to spread even more awareness to hopefully find a better alternative to our control systems or even more secure protections for it. I'm glad that stunt made governments think about their defense strategies because I can't imagine if stuxnet did the unthinkable and released threats that could potentially cripple the nation. The issue about our security could've always been known sooner but its better late than never.
Hey Youssef,
ReplyDeleteTo be honest, I never heard of the Stuxnet virus but it seems really dangerous if it can hack in to Iran's System and get nuclear information. It must have made the news but I hardly keep up with the news. One thing I can relate to you is when you talk about Control Systems and what they control. Well they control the entire country, literally, everything runs on technology so if the technology is hacked, you can take over a country. I remember hearing that Obama said that the most dangerous threat we face today is cyber security. It's interesting that wars can be fought on computers now and days.
Stuxnet, I believe, used the unknown, until recently, USB firmware hack which mean that there is no way to block it with most systems on the market. If they can reverse engineer it that is a real problem (Governments better start changing out their computers). It is interesting and a little freighting to think that is were we are with computer hacking and cyber warfare. With the recent hack by china on the state department's unclassified email it starting to get really heated in cyber space. The question is whether this will stay were it is or if it will reach the point where these hacks could be seen as a declaration of war.
ReplyDeleteStuxnet was an incredible virus and I’m glad you’re bringing attention to it. I remember reading an article shortly after that about how Iran began immediately stepping up their own cyber security initiatives within the country. Similar to how the U.S is attempting to build up cyber professionals within the educational system here is what Iran was doing. Stuxnet was very innovative and fairly sophisticated form of an advanced persistent threat and there were even reports that similar viruses were seen in attacks on U.S infrastructure.
ReplyDelete