It’s a dangerous world out there; is this WWIII?

by / Thursday, 17 January 2013 / Published in Smartgrid-CI Blog

Recent events show how unprepared we are against a WW cyber war that has already started.

The two power plant infections that happened at the end of last year took place in the most unlikely way: through the downloading of malicious software from USB keys.
Why should this be unlikely? 

Because anyone who follows the issue of computer security, even from a distance, knows that this is the way the Iranian grid was infected by the Stuxnet virus last year. We should know better, especially since other spectacular attacks have taken place since Stuxnet, including the one on the Shamoon plant last summer in Saudi Arabia, where 30,000 workstations were infected.

Since the first and best protection from infection is prevention, the only conclusion to draw from these events is that even a basic security message has a hard time getting through.

The bad news is that the WW cyber war is just starting.

Almost a year ago already, experts warned about the laughable state of US SCADA security, which turned it into an easy entry point into the grid for any malware.

And the Department of Homeland Security recently found that “Thousands of critical SCADA systems reachable from the Internet are secured [so to speak] by dangerously weak default” passwords.

In the US, the power infrastructure is the primary target of hackers, but not the only one. All sectors are targeted, as revealed by a recent report from ICS-CERT.
As an example, a recent attack went after North Carolina’s IRS system, infuriating Governor Haley.

The other bad news is that the US is not the only target. WWIII, by definition, is everywhere.

One recent attack was aimed at the Mexican Ministry of Defense website, another at the Thai Ministry of Culture, and another at Sri Lanka’s Ministry of National Security.

WWIII involves a broad range of players: terrorist groups, mafioso groups and governments, including North Korea’s.

Is calling these events a war being paranoid? You decide, but first you need to know that most of them took place in the past few days only.

How can we explain so much inertia against a clear and present threat? Is it because of our difficulty in “Keeping pace with the rapidly changing and growing threat environment,” as emphasized in the “Energy Infrastructure Plan”, published in 2010 by the DOE and the Department of Homeland Security?
True, cyber threats are more diverse and more sophisticated. They can get into your system through Linksys routers or by using a very legitimate Java application as a Trojan horse, and sometimes they can remain undetected for years.
Maybe we are at a time when the usual way of dealing with cyber threats is not working anymore. What we need is to establish a world body that will involve all governments interested in a more secure cyber world. We need to set up a transnational organization that will define standards and make their implementation mandatory. What we need, in a word, is a global cyber security policy, because it is the only way to respond to a global threat.
