U.S. Feds target control systems hackers
THE U.S. DEPARTMENT of Homeland Security will spend $11.7 million on research to secure the computer-aided control systems that operate the nations critical infrastructure. The new funds announced in June 2005 will help continue studies in cyber security that started last year at the U.S. Department of Energys Idaho National Laboratory (INL).
Were at the point where industry is beginning to recognize the potential threats of unsecured control systems and they are more willing to work with government agencies to improve the security of the nations critical infrastructure, said Julio Rodriguez, department manager for critical infrastructure assurance at INL.
The computers that control infrastructure have become increasingly vulnerable to hacker attack. Standard software, ubiquitous Internet connections, and more available information have combined to make bringing down the power grid, flooding a sewer system, or opening a dam relatively easy (see Hacking the Grid).
Still, some security experts are nonplused by the potential threat. Theres not a Windows box with a big button that says, Open the dam, said Marc Maiffret, chief hacking officer at eEye Digital Security. But there is a Windows box that says, Hey, were having more pressure. We need to release some water through the dam. If those notifications arent going off, you could have a problem.
The DHS has already granted $2.5 million to 13 companies through its Homeland Security Advanced Research Projects Agencys Small Business Innovation Research Grants. Last year, the department spent $10 million on similar research at INL.