We live in a scary world, as the attacks in Paris and San Bernardino, Calif., underscored recently. Now, imagine a scenario in which foreign actors can cripple our nation’s critical infrastructure — electrical grids, data networks and air-traffic control, to name a few of the vulnerabilities — without exploding a single bomb.
The Associated Press reports that foreign hackers have wriggled their way into the networks controlling the U.S. power grid, obtaining engineering schematics and passwords. With a few keyboard strokes, they are capable of installing malicious code that can knock out electricity service to millions of American households.
The AP cited one case involving Iranian hackers, but remote breaches involving others have occurred about a dozen times in the last decade. The government’s tendency is to keep these breaches secret. The effect is to lull Americans into a false sense of security but also to reduce public pressure to address this as the urgent threat it is.
Hackers have repeatedly proven their ability to penetrate secure government databases. In 2013, cyber criminals hacked into retail giant Target’s credit card database and put the accounts of some 40 million customers at risk. A critical-infrastructure cyber attack, by contrast, could send the nation’s electrical grid into a cascade of shutdowns capable of blacking out entire cities or states.
The website of cyber security firm Norse (map.norsecorp.com), offers a live glimpse of the international hacking war that’s already underway. In about a 20-minute span one recent afternoon, we watched as computer sites in Saskatoon, Canada, and Mersin, Turkey launched thousands of attacks on sites in California. More came from China. Still more from Russia.
Other sites were attacked in Washington State, New York, Dallas and Phoenix, to name a few. There’s no way to tell what the goal is, but hackers normally are looking for weak spots to penetrate and exploit.
Experts say the U.S. power grid has been probed by hackers from various governments as well as the Islamic State. A Homeland Security Department report in 2012 noted 198 cyber attacks on critical U.S. infrastructure, with 41 percent targeting the energy sector.
What to do? Experts say the cost to secure the nation’s power grid could reach $7 billion by 2020. Customers ultimately will bear those costs, which must include establishing multiple firewalls across the country to ensure that an attack on one section of the grid doesn’t prompt cascades of outages.
The government should come clean with the public about the magnitude of the threat instead of playing it down. We’ve seen what terrorists can do with guns and airplanes. The public needs to understand that this, too, is a serious and very real threat to our way of life.