On the front line against the next Stuxnet

Meet the people who will get the call when the next Stuxnet worm strikes

By , IDG News Service |  Security, dhs, Stuxnet

Greg Schaffer, Acting Deputy Under Secretary, DHS National Protection and Programs Directorate talks at the ICS-CERT Watch floor. This is one of two ops centers that handle security response for industrial control systems. The second is at the National Cybersecurity and Communications Integration Center in Washington DC. The DC center operates 24x7. Not so here at the Idaho Falls facility.

IDG News Service

Something has gone terribly wrong on the plant floor at ACME Specialty Chemical International Inc.

Liquid is overflowing from vats, the power keeps shutting off, and CEO Jeff Hahn has no idea what's going on. Behind him is a computer used to control the factory. Ominously, the cursor moves around on the screen as if it has developed a life of its own. "I have no control of my mouse," says the woman at the terminal.

It turns out that Jeff Hahn is the one to blame. Like many CEOs, he clicks on any interesting link he sees in his email inbox. This time, he clicked on a link sent by hackers working for a rival company, Barney Advanced Domestic Chemical Co.

Fortunately, ACME Chemical isn't real. It's part of a training exercise run by the U.S. Department of Homeland Security (DHS) and Idaho National Laboratory (INL). And Jeff Hahn isn't actually a CEO. He's a training lead at INL, playing his part in a cyberexercise that took place Friday at the lab's training facility in Idaho Falls, Idaho.

People who run industrial systems, like those at ACME Chemical, have traditionally cared about one thing above all others: They want their machines to run without interruption, and nothing -- not even an important security patch or operating system update -- can get in the way. These obscure systems are built by big companies such as Siemens, Honeywell, and Rockwell Automation, but they've kept a low profile.

Last year's Stuxnet worm changed everything, showing that these types of machines can be attacked, and even brought down with a cyberattack.

That's put the DHS-funded INL security programs in the spotlight, because they form the backbone of the government's plan to secure industrial systems. "In many ways, we are connecting equipment that has never been connected before to this global network, and as we do so, we have the potential for problems," said Greg Schaffer, acting deputy undersecretary with the DHS's National Protection and Programs Directorate, speaking at a briefing for reporters at INL. "They are kicking on the doors of these systems, and in some cases there have been intrusions."

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question