Subscribe to RSS / Follow on Twitter / Join Facebook page / Advertise on The Klaxon / Log in / Register

The Klaxon / Crisis. It reveals character.
Resources

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Related Posts
Most Popular
  • Time to volunteer for Haiti earthquake will come; right now, victims need experts
  • Jobs
  • California earthquake should be Golden State's wake-up call to prepare
  • It's time to wake up, America: Amy Bishop, Fort Worth terror suspect epitomize fear to speak up
  • 8.8-magnitude quake sends Chile warning to the Ring of Fire
  • Louisiana sheriff's 'Operation Exodus' needs its own emergency plan
  • University of Alabama shooting highlights communication problem
  • Help Pittsburgh sisters devastated by Haiti earthquake
  • UK threat level has entire world on alert for terrorism
  • Contact
    •
    1. Time to volunteer for Haiti earthquake will come; right now, victims need experts
    2. Jobs
    3. California earthquake should be Golden State's wake-up call to prepare
    4. It's time to wake up, America: Amy Bishop, Fort Worth terror suspect epitomize fear to speak up
    5. 8.8-magnitude quake sends Chile warning to the Ring of Fire
    • Flashpoint: Mechanical

    McAfee report exposes cyber extortion of U.S. power grid

    By Chuck Frank / chuck@theklaxon.com / 01.29.2010

    Updated on: 01.29.10 at 12:18 am

    Manny Francisco, Manila, The Phillippines/caglecartoons.com

    Operation Aurora in December 2009 silently was launched by Chinese hackers. Their goal: Retrieve the source codes from Google, Adobe, Juniper and 34 other high-profile companies.

    The opportunity they exploited was a little-known programming hole called “zero-day” in the Internet Explorer software. To date, this has been the most sophisticated and wide-spread cyber attack on American business interests.

    In the Cyber Wars, this was the parking garage bombing of the World Trade Center in 1993. We had better make this priority one, or the next time it may be “lights out” for the U.S. at an inopportune moment.

    McAfee made public Thursday “In The Crossfire: Critical Infrastructure in the Age of Cyber War,” a report commissioned by the company to detect cyber threats. It discloses that foreign national states, especially China, are sponsoring cyber attacks that are focusing on the companies that make up the electric grid, oil and gas producers, telecom and transport networks, as well as water and sewage filtration plants.

    The most victimized sector is oil and gas with power following in second position.  More than 54 percent of large-scale cyber attacks in the past year have targeted Critical Infrastructure Enterprises. The attacks focus on Computerized Operational Control Systems, which—once they have been compromised—allow hackers direct control of all operational systems.

    Imagine how annoying it will be to find oneself in the middle of a coordinated missile defense scenario due to an attack by China and have the power go out. What is Plan B in that event? Run down to the silo and light a match to the fuse?

    Here’s even better news: Due to the global recession, most information technology departments of Critical Infrastructure Enterprises are experiencing budget cuts. Due to the overall costs, executives don’t want to pay for additional cyber security.

    The real culprit, though, is lack of awareness of the risk.

    “Cyber is a three-legged stool,” said retired Gen. Michael Hayden, adding the three legs were “ease-of-use, security and privacy … To date, almost all of our creative energies have been put into ease-of-use and like any three-legged stool, if you don’t have all three legs, what you have is firewood.”

    The McAfee report estimates the average cost of downtime for a 24-hour period due to a major cyber offensive against a Critical Infrastructure Enterprises to be approximately $6,300,000.

    What Americans don’t know, however, is that many of these enterprises are paying extortion fees to hackers who compromise their systems, threaten operational shutdowns, and demand payment to desist.

    Who says you have to come to the U.S. to live the American dream? Currently, India, Saudi Arabia/Middle East, China and France are the nations that are experiencing the most negative affect from Cyber Warfare. The U.K. and the U.S. are the two countries where attacks are most rare, even though the U.S. is a primary target.

    The U.S. government needs to move this issue to the front burner and heed the warning of Operation Aurora. A major attack on our power grid alone will cause wide spread economic disruptions and loss of life, not to mention gigantic holes in national security.

    Comments(4)

    1. While the “zero-day” exploit is certainly a critical vulnerability, businesses should realize that the goal of the attackers is access and control of sensitive data. AppSecInc recent study shows 43% of all corporate databases store sensitive data suggesting that the most critical defense is to protect the data where it lives… in the database!

      John Ottman
      President and CEO
      Application Security, Inc.
      http://www.appsecinc.com

    2. Social comments and analytics for this post…

      This post was mentioned on Twitter by securitystuff: Power Grid (ggl): McAfee report exposes cyber extortion of US power grid – The Klaxon http://bit.ly/aNpR6e Full http://bit.ly/c89oKY...

    3. nice post. thanks.

    4. Top Stuff. keep it up, but more links to other sites would help me more too.

    Respond





    © The Klaxon 2010 / Terms and Conditions / Contact Us
    Powered by WordPress 2.9.2 / The Klaxon is a handheld journalism medium.
    Site design and development by Greg Mihalko

     Thanks to our partners:
    Providence Emergency Management Agency