Nation states preparing cyber strikes against critical infrastructures
Critical U.S. infrastructures are being penetrated by foreign states
in preparation for devastating future cyber attacks designed to cripple
electrical power, communications and financial networks, the commander
of the U.S. Cyber Command told Congress on Thursday.
Adm. Mike Rogers, Cybercom chief and director of the National
Security Agency, said foreign states have broken into the networks that
control industrial systems for a range of what the U.S. government
considers 16 critical infrastructures, ranging from electrical power,
water, telecommunications and financial systems.
“We have seen instances where we’re observing intrusions into
industrial control systems,” Rogers told the House Permanent Select
Committee on Intelligence.
“What concerns us is that access, that capability, can be used by
nation-states, groups or individuals to take down that capability,” he
said, noting that hackers believed linked to Iran destroyed 3,000
computers at the Saudi state oil company Aramco.
Cyber Command is tasked with protecting critical infrastructure from
attacks by sophisticated hackers, whether from China, Russia, Iran or
other states to criminals and hacker groups.
“We clearly are seeing instances where nation-states, groups and
individuals are aggressively looking at acquiring that capability,”
Rogers said.
“What we think we’re seeing is reconnaissance by many of those actors
in an attempt to insure they understand our systems so that they can
then, if they choose to, exploit the vulnerabilities within those
control systems.”
The comments followed reports from the Department of Homeland
Security that industrial control systems used to operate critical water
and energy infrastructure were targeted in cyber attacks that succeeded
in planting malicious software.
The DHS Industrial Control System-Cyber Emergency Response Team
stated in a notice to the private sector that it has uncovered “a
sophisticated malware campaign that has compromised numerous industrial
control systems environments using a variant of the BlackEnergy
malware.”
BlackEnergy is a software that security researchers say has been used by Russian government cyber attackers.
Rogers said controls systems are “fundamental to how we work most of our infrastructure across this nation.”
“They are foundational to almost every networked aspect of our life,
from our water to our power to our financial segment to the aviation
industry just as examples,” he said.
Rogers said one trend in escalating cyber attacks over the next year
is the danger that hackers will penetrate industry control systems.
“It’s among the things that concern me the most because this will be
truly destructive if someone decides that’s what they want to do,” he
said.
Rogers declined to specify the nation states that are mapping U.S.
networks but acknowledged that Russia and China are among them.
For example, an attack on electrical power control systems could
order power turbines to stop operating thus cutting off electricity. “I
mean, it enables you to shut down very segmented, very tailored parts of
our infrastructure that forestall the ability to provide that service
to us as citizens,” he said.
Committee Chairman Mike Rogers, (R-Mich.) said during the hearing
that Chinese government hackers have penetrated some U.S. critical
infrastructure networks, and the Cyber Command chief said in addition to
China “one or two” other nations are working on infrastructure cyber
attacks.
“We’re watching multiple nation states invest in this capability,”
Adm. Rogers said. “We see them attempting to do reconnaissance on our
systems, attempting to generate insight about how our networks are
structured. We see them doing research in this area. We see them
attempting to steal information on how our systems are configured, the
very specific schematics of most of our control systems, down to
engineering level of detail so they can look at where the
vulnerabilities, how are they constructed, how could I get in and defeat
them.”
Chairman Rogers said Chinese economic cyber espionage has “grown
exponentially in terms of volume and damage done to our nation’s
economic future.”
“Chinese intelligence services that conduct these attacks have little
fear, because we have no practical deterrence to that theft,” Mr.
Rogers said.
Iran also has conducted “very challenging” denial of service cyber attacks on financial networks in 2012, Mr. Rogers said.
“Trojan horse malware” linked to Russia was detected on industrial
control software used in a wide range of critical American
infrastructures, Mr. Rogers said.
“Our critical infrastructure networks are extremely vulnerable to
such a damaging attack, and we can’t count on a deterrence if we’re
already in an adversarial position with a nation like China or Russia,”
Mr. Rogers said.
“Most of our critical infrastructure providers are doing their best
to better secure their networks,” he added. “But if they get attacked by
an adversary with the resources and capabilities of a nation state like
China or Russia or Iran, it certainly isn’t a fair fight.
Adm. Rogers said he has told his troops and employees that “I fully
expect that during my time as the commander we are going to be tasked to
help defend critical infrastructure within the United States because it
is under attack by some foreign nation or some individual or group.’
Recent cyber attacks against critical infrastructure “leads me to
believe it is only a matter of the ‘when,’ not the ‘if’ that we are
going to see something traumatic.”
No comments:
Post a Comment