Thursday, December 24, 2015

IRANIAN CYBERATTACKS EXPOSE ALARMING NEW RISKS; IS OBAMA PAYING ATTENTION?

The U.S. is losing its war against cyberterrorism and someone needs to inform Obama that we're at war

Investor’s Business Daily
December 22, 2015

Cyberwars: Three recent news items are a stark reminder that the U.S. is under increasing global cyberattacks. And it should be a loud warning to the Obama administration that we're losing this war.

First we learned that in 2013 Iranian hackers had gained access to the control system of the Bowman Avenue Dam — which is less than 20 miles from New York City.

The hackers didn't take control of the dam, and no damage was done, but had they gained access to a larger dam, and managed to open its floodgates, the hackers could have caused massive amounts of destruction.

Then we learned that Juniper Networks had suffered a major breach, which involved installing back doors on computer equipment to track communications across private networks using Juniper's system. The company is a major provider of computer network equipment, including security products, to large companies and several government agencies — including the Defense Department, Justice, FBI and Treasury.

CNN reports that the FBI is now investigating whether hackers working for foreign governments were able to spy on the government for up to three years. Juniper has patched its systems, but the extent of the security breach isn't yet known. Nor do they know which state sponsored the attack.

And now we learn that hackers — believed to be from Iran — were able to break their way into networks running the U.S. power grid. The AP reports that security researcher Brian Wallace stumbled on a tranche of 19,000 stolen files that included user names and passwords and detailed engineering drawings of 71 networks and power stations operated by Calpine Corp. in 18 states.

The fact that none of these breaches resulted in any harm — as far as we know — is of no comfort. In many cases, such attacks are learning experiences. The hackers gather intelligence and data to carry out future attacks, and learn how to remain hidden in computer networks.

More worrisome is the scale, frequency and sophistication of cyberattacks being launched against government and private networks.

In 2014, for example, hackers gained control of a large utility's wind farm. The year before that, Russian hackers were able to send encrypted commands to public utilities. In another case, hackers inserted malware that let them spy on U.S. energy companies.

This year, the Office of Personnel Management discovered that it's personnel files had been hacked, allowing cyberattackers to make off with detailed information — including in some cases background checks for security clearance applications and fingerprints — on more than 21 million current and former federal employees.

The inability — or worse, indifference — of government bureaucrats to confront these risks is unacceptable. OPM had been attacked the year before and had been warned by internal auditors about network vulnerabilities. Another audit found that the Federal Aviation Administration suffers "significant security control weaknesses . .. threatening the agency's ability to ensure the safe and uninterrupted operation of the national airspace."

Obama's Health and Human Services brushed aside warnings about security gaps in its Healthcare.gov network, despite the fact that it collects massive amounts of data on millions of enrollees.

The same warnings have been issued, over and over again, to many other agencies.

The problem is that Obama doesn't seem to care. Aside from an occasional speech, and his appointing a cybersecurity "czar," he's given little indication that he's aware of the threat or the need to mobilize against it. And when a state-sponsored attack is uncovered, his response has been lukewarm at best.

Someone needs to tell Obama — or maybe his caddie — that there's a new World War going on.

2 comments:

Anonymous said...

Wouldn't be funny if Ted Kaczynski was right.

Silver Bullet

bob walsh said...

In a word, NO. It's hard to pay attention when you refuse to admit a problem even exists.