Hackers can now mess with our infrastructure. Thanks, internet
In case you missed it, we made a video about the Internet of Things this week. It involves jelly fish and nerve nets and egg trays (oh my!), so you should really check it out, but if you don’t have the three minutes and 25 seconds, here’s the gist: The Internet of Things is the more than 1.3 billion (and growing) gadgets and sensors currently connected to the internet. These “things” can help us regulate water and energy use, route trains and cars, control internal heating systems, even keep track of the contents of our refrigerators. Basically, the IoT is a very powerful tool for sustainability.
But where there’s an internet-connected device, there’s a hacker waiting to mess with it (OK — maybe not in your fridge), which means the more we connect our infrastructure and resources to the internet, the more vulnerable we and the environment will be to cyber attacks. And according to the The New York Times, it’s already time to start worrying:
The phrase “cyber-Pearl Harbor” first appeared in the 1990s. For the last 20 years, policy makers have predicted catastrophic situations in which hackers blow up oil pipelines, contaminate the water supply, open the nation’s floodgates and send airplanes on collision courses by hacking air traffic control systems.
“They could, for example, derail passenger trains or, even more dangerous, derail trains loaded with lethal chemicals,” former Defense Secretary Leon E. Panetta warned in 2012. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”
Here are some numbers that will freak you out, from the Times:
- 150 — the number of times that foreign hackers have infiltrated the Department of Energy’s networks in the past four years
- 163,228 — the number of cyber attacks against industrial control systems that occurred in January 2013, according to Dell Security
- 675,186 — the number of cyber attacks against industrial control systems that occurred in January 2014, according to Dell Security (most of these were in the U.S., Britain, and Finland)
- 1,000 — the number of energy companies across Europe and North America targeted in an attack that the U.S. Department of Homeland Security said it was investigating last year
- 60 — the percent of pipeline operators in North America whose critical information was accessed by CHinese hackers in an attack on Schneider Electric
- 50,000 — the number of computers and servers at South Korean banks and media companies that North Korean hackers “knocked out” for several days
- 90 — the number of minutes that computers at various U.S. airports went down yesterday (the Department of Homeland Security has yet to say what caused the outage)
Fortunately, countries with the most advanced hacking capabilities like China, Russia, Israel, and Britain are unlikely to launch any serious attacks against the U.S., the Times reports. That’s because either: a.) They’re our allies, so attacking us would be super uncool; or b.) they realize that throwing down the cyber gauntlet with the U.S. would be trés unwise (USA! USA! USA!).
But as former head of the NSA Michael V. Hayden told the Times, the “renegade, lower-tier nation-states that have nothing to lose” — Iran, North Korea, and Islamic militant groups, for example — are cause for concern. These groups may not have the capabilities to do serious damage yet, but they’re working on it.
In 2012, U.S. intelligence officials reported that Iranian hackers attacked Saudi Aramco, the world’s largest oil company, replacing data on its computers with images of a burning American flag. In that incident, and another Iranian attack, this time against Qatari oil company RasGas, hackers tried to infiltrate oil production systems but never made it past corporate servers, the Times reports.
More recently, hackers attacked a German steel mill, causing serious damage to a blast furnace. And just last week, hackers with the Washington State National Guard showed that they could infiltrate the Snohomish County Public Utility District computer system in just 22 minutes.
So as cool as the Internet of Things is, it’s important that we don’t get ahead of ourselves here. Cybersecurity has to be a top priority, right above making your smart fridge compliment your hair every morning. I mean, we all remember the great Sony hack of 2014, right? That was a big deal, but it was mostly just an internet dump of corporate gossip. Imagine what will happen when hackers start going after our water supply and electrical grid. Shit’s gonna get real, and the aftermath will be way less fun to talk about in the grocery store checkout line.
Online Attacks on Infrastructure Are Increasing at a Worrying Pace,
The New York Times