The Providence Journal (R.I.), Jan. 8: We’ve all heard about computer hackers and their successful efforts to breach the data of shoppers, corporations and federal agencies. It should come as no surprise, then, that other information is also a prime target for hackers. And as recent reports by the Associated Press and The Wall Street Journal make clear, those targets include the computer systems that run America’s infrastructure – its power grids and pipelines, and its bridges, dams and factories. According to the AP report, a security researcher tracing hackers who had accessed a California university’s housing files discovered something far bigger: hackers had obtained passwords, engineering drawings and other information on “dozens of power plants.” Though some of the information was old, the incident was not unique. On about a dozen occasions over the past decade, “sophisticated foreign hackers gained enough remote access to control the operations networks that keep the lights on,” the AP reported. The Wall Street Journal report described how Iranian hackers “crawling the Internet, looking for vulnerable U.S. industrial control systems” breached the system controlling a small dam about 20 miles from New York City. As these reports and others make clear, the security systems used by government and industry are frequently outmatched when it comes to cybersecurity. In fact,
many of the private systems were built before network security was such a huge issue. But the threat is real. The Federal Energy Regulatory Commission reported nearly two years ago that an attack on just nine key power stations could cause a coast-to-coast blackout that lasts for months. And as Department of Homeland Security Secretary Jeh Johnson said last fall in prepared remarks to the House Committee on Homeland Security: “often, the most sophisticated actors penetrate the gate, through a simple act of spearphishing, because they know they can count on a single user letting his guard down.” Mr. Johnson urged lawmakers to act on legislation that would allow the federal officials to fully deploy a new security system across all federal agencies, and pass the Cybersecurity Information Sharing Act, which would allow sharing of information on Internet traffic between the U.S. government and industry . Some lawmakers, notably including U.S. Rep. James Langevin, D-R.I., who is cofounder and co-chairman of the Congressional Cybersecurity Caucus and has long spoken of the need for stronger cyberdefenses, understand the threat. But Congress as a whole needs to treat this issue with the urgency it deserves and give federal agencies and private industry the incentives and tools they need to prevent breaches that could plunge us into darkness, or worse.
Comments are not available on this story. Read more about why we allow commenting on some stories and not on others.
We believe it's important to offer commenting on certain stories as a benefit to our readers. At its best, our comments sections can be a productive platform for readers to engage with our journalism, offer thoughts on coverage and issues, and drive conversation in a respectful, solutions-based way. It's a form of open discourse that can be useful to our community, public officials, journalists and others.
We do not enable comments on everything — exceptions include most crime stories, and coverage involving personal tragedy or sensitive issues that invite personal attacks instead of thoughtful discussion.
You can read more here about our commenting policy and terms of use. More information is also found on our FAQs.
Show less