Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on

Jaikumar Vijayan | July 10, 2014
The Department of Homeland Security mistakenly released details on an experiment in which a 27-ton generator was destroyed via a cyberattack.

Another compares the test to "shifting a car into reverse while it is being driven on a highway, or the effect of revving the engine up while the car is in neutral and shifting it into drive." The test resulted in a total loss of generating capability with extensive damage to equipment in just three minutes.

Results from the tests were expected to generate significant follow-up activities, with then-DHS secretary Michael Chertoff, Congress and the White House Homeland Security Council being briefed on the experiment.

Joseph Weiss, managing partner at Applied Control Systems LLC, a firm specializing in industrial control systems, said the new document refocuses attention on a problem that affects every utility substation in the U.S. and which the DHS and industry has known about for years.

Ever since the CNN video went public, the government and stakeholders in the utility industry have systematically attempted to downplay the seriousness of the threat, Weiss maintained. With the exception of two utilities that are in the process of implementing a fix for the vulnerability highlighted by the Aurora experiment the rest are doing nothing, he said.

The new documents show everybody, including potential attackers, that the vulnerability affects not just utilities but other critical infrastructure players, as well, Weiss said.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.