When the Los Angeles Department of Water and Power was hacked in 2018, it took a mere six hours. Early this year, an intruder lurked in hundreds of computers related to water systems across the United States. In Portland, Oregon, burglars installed malicious computers onto a grid providing power to a chunk of the Northwest.
Two of those cases—L.A. and Portland—were tests. The water threat was real, discovered by cybersecurity firm Dragos.
All three drive home a point long known but, until recently, little appreciated: the digital security of U.S. computer networks controlling the machines that produce and distribute water and power is woefully inadequate, a low priority for operators and regulators, posing a terrifying national threat.
“If we have a new world war tomorrow and have to worry about protecting infrastructure against a cyberattack from Russia or China, then no, I don’t think we’re where we’d like to be,” said Andrea Carcano, co-founder of Nozomi Networks, a control system security company.
Hackers working for profit and espionage have long threatened American information systems. But in the last six months, they’ve targeted companies running operational networks, like the Colonial Pipeline fuel system, with greater persistence. These are the systems where water can be contaminated, a gas line can spring a leak or a substation can explode.
The threat has been around for at least a decade—and fears about it for a generation—but cost and indifference posed obstacles to action.
It isn’t entirely clear why ransomware hackers—those who use malicious software to block access to a computer system until a sum of money has been paid—have recently moved from small-scale universities, banks and local governments to energy companies, meatpacking plants and utilities. Experts suspect increased competition and bigger payouts as well as foreign government involvement. The shift is finally drawing serious attention to the problem.
By Kartikay Mehrotra, from Bloomberg News