October 01, 2011, 11:28 PM —
IDG News Service
Something has gone terribly wrong on the plant floor at ACME Specialty Chemical International Inc.
Liquid is overflowing from vats, the power keeps shutting off, and CEO Jeff Hahn has no idea what's going on. Behind him is a computer used to control the factory. Ominously, the cursor moves around on the screen as if it has developed a life of its own. "I have no control of my mouse," says the woman at the terminal.
It turns out that Jeff Hahn is the one to blame. Like many CEOs, he clicks on any interesting link he sees in his email inbox. This time, he clicked on a link sent by hackers working for a rival company, Barney Advanced Domestic Chemical Co.
Fortunately, ACME Chemical isn't real. It's part of a training exercise run by the U.S. Department of Homeland Security (DHS) and Idaho National Laboratory (INL). And Jeff Hahn isn't actually a CEO. He's a training lead at INL, playing his part in a cyberexercise that took place Friday at the lab's training facility in Idaho Falls, Idaho.
People who run industrial systems, like those at ACME Chemical, have traditionally cared about one thing above all others: They want their machines to run without interruption, and nothing -- not even an important security patch or operating system update -- can get in the way. These obscure systems are built by big companies such as Siemens, Honeywell, and Rockwell Automation, but they've kept a low profile.
Last year's Stuxnet worm changed everything, showing that these types of machines can be attacked, and even brought down with a cyberattack.
That's put the DHS-funded INL security programs in the spotlight, because they form the backbone of the government's plan to secure industrial systems. "In many ways, we are connecting equipment that has never been connected before to this global network, and as we do so, we have the potential for problems," said Greg Schaffer, acting deputy undersecretary with the DHS's National Protection and Programs Directorate, speaking at a briefing for reporters at INL. "They are kicking on the doors of these systems, and in some cases there have been intrusions."