Wednesday, April 08, 2009

Son of Chinese Rock

He's baaack!

Yes, dear friends, the Technology Curmudgeon has returned from a long hiatus (largely due to activities centered in the other half of his brain) to once again remind you that inside of every InfoTech silver lining (or Silverlight, for that matter) is a big, dark cloud.

This time it's a cloud I warned you all about two years ago. Then it was an ominous thunderhead. Now it's starting to look more like Hurricane Katrina. And we're just about as well prepared for it.

I refer, of course, to the ongoing cyberwar between the USA and China.

No, you probably haven't read about it in the corporate media. Sure, you might have noticed, down around the third or fourth paragraph, a mention of the fact that the recent Conficker worm likely originated in China. But for the most part it's only infosec professionals who are aware of the fact that China-based attacks against domestic targets, public and private, have been going on for quite some time now.

That may be about to change. As reported in the April 8th Wall Street Journal and Computerworld: “[c]yberspies from China, Russia and elsewhere have gained access to the U.S. electrical grid and installed malware tools that could be used to shut down service”.

As the WSJ article states:

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

"The Chinese have attempted to map our infrastructure, such as the electrical grid," said a senior intelligence official. "So have the Russians."

The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year."

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, [emphasis added] officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, "If we go to war with them, they will try to turn them on."

Officials said water, sewage and other infrastructure systems also were at risk.

Oh, frabjous day.

Let's see where we stand now. Pretty much all of our manufacturing is now done in Chinese sweatshops. China has been keeping our spendthrift economy afloat by buying dollars. US firms are shipping IT jobs and infrastructure to China as quickly as possible with, ironically, enthusiastic support from the likes of the WSJ. And now they might have a stranglehold on our power grid, thanks in part to lack of attention to security by power companies.

Or, as the WSJ puts it: “The growing reliance of utilities on Internet-based communication has increased the vulnerability of control systems to spies and hackers, according to government reports.”

This is madness. Anyone who knows anything about the Internet understands that it is an inherently insecure system. Why would utilities rely on something like that? Could it be because, in the aftermath of the deregulation mania of the last decade, power companies (like other corporations) don't want to spend money on anything that doesn't promise a quick profit?

Security costs money. Sure, not securing your cyber-assets could cost you the entire business but, as we have seen recently, companies that are “too big to fail” don't have to worry about that.

So - where will you be when the lights go out?

2 comments:

David K. M. Klaus said...

This is why the Obama administration has cancelled plans to go back to the moon -- our creditors the Chinese Communists are definitely going, and they want no interference from their American debtors spending borrowed Chinese money to return ahead of their arrival on the lunar surface.

We need to stop borrowing money from China yesterday. They're going to be dictating foreign and military policy to us, and we'll owe them too much money to not take orders. As Mike Fix sings, "He who pays the piper calls the tune," and when they finally make their move on Taiwan, we're going to do nothing, and let them capture it.

Chuck Lavazzi said...

I think drawing that line is a bit of a reach. I'm more concerned about the willingness of American corporations to put sensitive information within reach of a government that is clearly waging cyberwar on us.