In 2007 the Department of Homeland Security released 800 pages related to the Aurora Project when they replied to the Freedom of Information Act request for a malware attack on Google. The Aurora project was doing research on how easy it would be to hack elements in power and water systems. Once the machine control system is hacked, it can be used throw the machine's parts out of synchronization causing parts of the system to break down and eventually the machine to break. Within these papers was also a list the main power plants and pump stations across the country. If these stations were shut down, it would take out large sections of the power grid and shutdown water lines. You may not think this applies currently, but it still does. Some people believe that the hacking that occurred at Sony was a test to see if they could hack the United States successfully.
The good part is this problem is easily fixed with a single part that the Department of Defense will provide to any power plant, but unfortunately most power plants won't install this part due to the fact that it will open their facilities to NERC-CIP audits. An attack on these stations would also be as easily traced as the attack on Sony was. This is do the fact that no programs are needed to be uploaded into the control systems in order to break the machines, and these programs that are uploaded are what is used to figure out who hacked the system. Hopefully, this never happens.
The good part is this problem is easily fixed with a single part that the Department of Defense will provide to any power plant, but unfortunately most power plants won't install this part due to the fact that it will open their facilities to NERC-CIP audits. An attack on these stations would also be as easily traced as the attack on Sony was. This is do the fact that no programs are needed to be uploaded into the control systems in order to break the machines, and these programs that are uploaded are what is used to figure out who hacked the system. Hopefully, this never happens.
I believe the government should force the devices upon the electrical companies and make them install them because of the risk to the United States of America. The government should also not force the electrical plants to have NERC-CIP audits for installing the devices to help make their system for secure from hackers. I agree with the article that this is a serious matter and should not be overlooked. It has been seven years since the problem was discovered. This should have been fixed long ago in order to prevent hackers from trying to take down our electrical grid.
Work Cited:
Tucker, Patrick. "How a DHS Document Dump Imperiled U.S. Security."Government Executive. Defense One, 2 Jan. 2015. Web. 6 Jan. 2015. <http://www.govexec.com/technology/2015/01/how-dhs-document-dump-imperiled-us-security/102129/?oref=top-story>.
No comments:
Post a Comment