Saturday, October 31, 2015

technically and infrastructurally easy to fix, politically - next to impossible...,

WaPo |  To begin, a conclusion: The Internet, whatever its many virtues, is also a weapon of mass destruction.

We have been distracted from focusing on that potential by a succession of high-profile cyberattacks, including China vacuuming up more than 22 million federal employee records, North Korea’s humiliating shot across the bow of Sony Pictures Entertainment and a barrage of cyberlarceny directed at U.S. banks and businesses, much of which has originated in Russia and Ukraine. Each of these targets was protected by firewalls and other defenses. But the Internet is inherently vulnerable. It was never intended to keep intruders out. It was designed to facilitate the unimpeded exchange of information, giving attackers a built-in advantage over defenders. If that constitutes an ongoing threat to commerce (and it does), it also represents a potentially catastrophic threat to our national security — and not just in the area of intelligence-gathering. The United States’ physical infrastructure is vulnerable. Our electric power grids, in particular, are highly susceptible to cyberattacks, the consequences of which would be both devastating and long-lasting.

Deregulation of the electric power industry has resulted in a network of more than 3,000 companies, some of which are well protected, many of which are not, but all of which are interconnected. Hacking into the most vulnerable could lead to a domino-like penetration of even the most secure companies. The automated programs (known as supervisory control and data acquisition systems) that control the supply and demand of electricity nationwide are, for the most part, standardized and therefore highly accessible. Multiple sources in the intelligence community and the military tell me that Russia and China have already embedded cyber-capabilities within our electrical systems that would enable them to take down all or large parts of a grid. Iran’s capabilities are believed to be close behind. North Korea is working toward such a goal. George Cotter, a former chief scientist at the National Security Agency, told me that he fears groups such as the Islamic State may soon be able to hire capable experts and assemble the necessary equipment, which is available on the open market.