Admiral Michael Rogers, head of the US National Security Agency, told Congress that China and possibly a couple of other countries have the ability to take down the US electric power grid in a cyber attack. Lights out disaster novels premised on the collapse of the US power grid usually use an electromagnetic pulse to make it happen. But internet packets might be enough to do it - albeit for a shorter period of time.
Do you ever get the sense that the US government defends us against non-threats and small threats while inviting in or ignoring much bigger threats? Seems that way to me. We have the USAF building the most expensive fighter plane at the slowest rate of development that guarantees old technology by the time the thing finally flies. Hundreds of millions spent while the head of the NSA says our electric power grid could be taken down by a cyber attack. We fight against terrorist groups in the Middle East while Western societies let radical Muslims immigrate.
It isn't just the government that is lame and focused on the wrong stuff. Lots of companies have lame internet security with lots of devices on the net that can be easily penetrated.
Another story came out a few weeks ago about how Russian hackers have put some malware called "Black Energy" into key infrastructure computers and the malware has been in place for a few years. Is this true?
I'm quite prepared to think that utility companies, fuel pipeline companies, and the like are even more lame than Target, Home Depot, JPMorgan Chase, and a long list of other companies who at least discovered hacks. The core competencies required to do internet security seem quite different than the other core competencies needed to run most companies. I do not expect the CEO of a power utility to get computer security..
US companies and other Western companies are bleeding their designs, customer lists, formulas, and processes to Russian, Chinese, and other players who are eager to steal information for profit. Plus, states and even non-state actors are eagerly preparing for cyber warfare by penetrating systems that control key pieces of infrastructure. I;m guessing the non-state actors of a hostile sort (as compared to being of a money-seeking criminal sort) are most likely to carry out real attacks against infrastructure computers. Have they failed to do so due to lack of intellectual resources?
|Share |||By Randall Parker at 2014 November 20 08:03 PM|