Cyber defenders still don’t understand the real threats that the power grid, energy plants and other critical infrastructure face.
In the last few years, several government officials have made a series of alarmist claims, warning that the United States would soon be hit by a “Cyber Pearl Harbor.” That analogy refers to a theoretical cyber attack that shuts down the power grid, or causes real-world, physical damage by hitting critical infrastructure like a nuclear power plant or a reservoir. It’s definitely a scary scenario, and one that’s fueled some Hollywood flicks.
But according to cybersecurity experts who actually work on industrial control systems, or ICS, we shouldn’t worry so much about a “Cyber Pearl Harbor.” Yet there are real threats to critical infrastructure that are being wrongly ignored and underestimated.
For example, infrastructure cyber defenders are not taking the threat of targeted malware seriously enough, according to Robert Lee, the founder of security firm Dragos and a former Air Force cyberwarfare officer.
“We don’t have grid-ending stuff going on. It’s not like all this stuff is going to fail, it’s not like a random piece of malware in a power system or water system or even a nuclear system is going to cause anything bad to happen. It might impact operations, and it’s not good. But it’s not life ending and it’s not a safety issue at all,” Lee told Motherboard in a phone call.
“But at the same time we do have obviously targeted efforts by adversaries that are seemingly increasing year on year and we can at least show that there’s dozens of them that we found and that speaks to the level of needing to do better,” Lee added.