(CyberWar.news) Top cybersecurity expert Joseph Weiss, whose PBS documentary, CyberWar Threat, premiered Oct. 14, is warning that America’s vast network of computer systems is extremely vulnerable to hacking and disruption by actors ranging from nation-states seeking a military edge to individuals who may only have an axe to grind.
In either event, Weiss says, the threat is not exclusive to government systems but rather includes dramatic vulnerabilities in everyday systems and infrastructure vital to the American way of life.
“When most people hear the term ‘cybersecurity’ they usually expect to hear a story about loss of privacy or identity theft,” he wrote at The Daily Beast. “Or worst-case—that some company or government agency has been hacked. As bad as those invasions may be, there’s a type of cyber-attack that is far more destructive and can have far more lasting effects and yet rarely makes the news.”
“I’m talking about seizing control of industrial control systems,” he continued. “These ubiquitous hidden computers have gradually and quietly been put in charge of all manner of critical infrastructure—including nuclear power plants, the grid, water and gas pipelines, refineries, air traffic control, trains, factories, you name it.”
Have you visited our online store? Click here for the Cyberwar.news Cyber Cafe!
Weiss said that, unlike personal computers, those used to run industrial and infrastructure systems are “largely invisible.” They are not equipped with screens and keyboards, and most people aren’t even aware of their existence.
However, “[t]hey are everywhere because they create tremendous efficiencies and cost savings, and because they exist almost as an afterthought,” oftentimes they are “completely insecure.”
“They often don’t run anti-virus software and by and large no one bothers to scan them to see if they might be infected with malicious software. And guess what? They often are connected to the Internet where a clever hacker half a world away can get access to them,” he wrote.
As CyberWar.news has previously reported, cybersecurity experts have noted that there is malware already in place in the software that operates most of America’s critical infrastructure, making it possible for Moscow to cause economic catastrophe throughout the U.S., according to the Department of Homeland Security. Russia is primarily responsible for placing that malware, DHS warned, but other nation-states have likely done so as well, especially China.
Weiss warns that the threat he is emphasizing is not hypothetical, adding that there have been nearly 750 control system cyber events including both malicious and unintentional incidents, around the world, having a “global impact.”
“Industries have included power companies, pipelines, dams, planes, and trains. Why hasn’t the public heard about them? Most often because the victims didn’t realize it since they didn’t have the right forensics,” he wrote.
Putting at least some of the incidents in serious context, Weiss said that more than 50 of the control system incidents have resulted in as many as 1,000 casualties. They have caused more than 10 electrical outages, and in more than 50 cases there were significant releases of environmentally hazardous materials. In more than 100 cases, attacks damaged physical equipment.
“And most worrisome of all, there have been at least 50 incidents at nuclear power plants (as mentioned in the recently issued Chatham House report on nuclear plant cybersecurity),” he wrote. “The total cost is conservatively estimated to be $40 billion. And it will only increase.”