Cyber-attacks have already come close several times to shutting down parts of the country’s critical infrastructure, according to the US Department of Homeland Security Secretary.
The number of cyber-attacks on financial systems, transportation and other networks is growing, Secretary Janet Napolitano said at a 28 October event on cyber-security in Washington, D.C. hosted by The Washington Post. When asked how many attacks may have occurred during the course of the 45 minute question-and-answer session at the event, Napolitano told the audience, “Thousands”.
Some cyber-assaults had come close to crashing key infrastructure. There have been attempts on Wall Street, transportation systems, and “things of those sorts”, Napolitano said. The Wall Street attack may be a reference to an attack on the Nasdaq stock exchange a year ago.
In fiscal year 2011, the United States Computer Emergency Readiness Team responded to more than 100,000 incident reports and released more than 5,000 actionable cyber-security alerts and information products, she said.
Department of Homeland Security networks have been probed by adversaries attempting to breach systems. Napolitano declined to discuss the specifics of the intrusion.
Congress needs to act to enact legislation to protect critical infrastructure, Napolitano said. One of the problems facing the United States in defending against cyber-attackers is the fact that current international law, rules of conflict and government policies have not really kept up with the changes in cyber-threats.
The Obama administration has released a proposal in May outlining how the private sector should work with DHS to develop cyber-security plans to protect critical infrastructure. The proposal also includes requirements for a federal data breach notification law and a call for tougher penalties for computer crimes.
There are several cyber-security bills in both houses of Congress focusing on critical infrastructure in circulation, none of them have reached the floor yet. Congressional observers are not sure if they would come up for a vote this legislative session.
Napolitano didn’t share that pessimism, saying that Congress was aware of the importance of cyber-security. “If there’s any area of international concern that the Congress is going to move on this session, it’s going to be cyber,” she said.
Homeland Security needs to serve as the nation’s “incident response centre” in the event of a major attack.
Security experts have long warned that critical infrastructure, such as electrical grids and power plants, were vulnerable to attack. The Federal Bureau of Investigation’s executive assistant director, Shawn Henry, said the threats were “incredibly real” and intrusions into corporate networks, personal computers and government systems were “occurring every single day by the thousands”, in a speech at a recent conference in Baltimore.
“It could shut down our electric grid or water supply. It could cause serious damage to parts of our cities, and ultimately, even kill people,” Henry said.
There have already been several “high-tech catastrophes”, Eugene Kaspersky said at a cyber-security summit in New York earlier this month, referencing the Spanair flight 5022 crash in 2008 and the blackout that blanketed the East Coast in 2003.
Malware was “not the reason” the incidents happened, but they would not have happened without malware, according to Kaspersky. In the case of the blackout, some of the critical systems in key data centres used by utility companies had been infected by the Blaster worm.
It was inevitable that attackers would someday go after the electric grid, Kaspersky said. Governments need to share threat intelligence with the private sector, defend critical systems, and work with other governments to track down cyber-adversaries, according to Kaspersky.
“We need an Internet Interpol, an international cyber-police,” Kaspersky said.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…