19 April 2018

What the Hoover Dam shows about hardening critical infrastructure

By: Meredith Rutland Bauer

Cybersecurity is often discussed in terms of mission-critical information in far-off databases or personal information stored on handheld devices, but what about the cybersecurity of bridges, power plants and dams? Securing old-school infrastructure against cyber attacks is critical now that they rely on digital interfacing for day-to-day operations, experts and government officials say. Power plants, drinking water facilities and even oil pipelines rely on strong cybersecurity to prevent service outages. While experts say the U.S. has never had a significant incident as a result of a cyber breach at one of these facilities, the repercussions of a successful attack could range from merely inconvenient to deadly.

“Protecting infrastructure like dams, nuclear or water from cyber attack is as serious a national security problem as protecting classified databases,” said Sergio Caltagirone, director of threat intelligence and analytics at Dragos, an industrial threat detection and response company. “Unlike many other digital assets, our critical physical infrastructure involves risk to lives and civil society.”

Jason Denno, director of the cyber operations program at the University of Arizona South, said the public generally doesn’t realize the nation’s critical infrastructure is tied into digital systems until something goes wrong.

Cybersecurity personnel are working behind the scenes to keep those assets safe, but Denno cautioned that more focus needs to be placed on critical infrastructure because some relies on decades-old computer systems and not all infrastructure is being maintenanced with up-to-date best practices.

“There is a significant amount of infrastructure out there that still runs on [MS] DOS,” he said, referring to the computer operating system first released in 1981. “Some old systems are obviously vulnerable because they have no protection, as well.”

Setting the standards

Christine Pommerening, cyber security policy professor at George Mason University, said critical infrastructure cybersecurity follows Process Control System guidelines set by security industry working groups. Peter Soeth, spokesman for the U.S. Bureau of Reclamation that manages several federal dams including the Hoover Dam, added that federal cybersecurity standards are set by the National Institute of Standards and Technology.

Pommerening said critical infrastructure — everything from hospitals to highway signs to drinking water plants — are being probed “all the time,” but often those efforts aren’t malicious. But sometimes, they’re scouting missions for later attacks.

Experts say cyber security staff at the local, state and federal level should implement best practices such as allowing monitored internet access for the business side of the office but keeping operational support on a closed-network intranet. Denno said additional safeguards are often put into place, such as keeping various parts of the operation isolated in their own intranets.

“If there’s no legitimate business purpose for two computers to be talking to one another, we deny access for them to do that,” he said.

But cyber attacks on international infrastructure still occur, such as when the 2017 WannaCry attack disrupted hospital services in the U.K.

A 2013 cyber attack on a New York dam raised questions about the security of U.S. infrastructure. The hackers targeting Bowman Avenue Dam didn’t get operational control of the floodgates, Newsweek reported in 2016.

What an attack on the Hoover Dam would mean

Speaking of dams, Soeth said there has never been a successful attack against Hoover Dam. That’s important, Pommerening said, because dams have no backup if they fail. Unlike power grids, where another substation can pick up part of the load to avoid a blackout, there’s rarely a second dam downstream.

If Hoover Dam stopped allowing water through — or worse, if a deluge flooded the towns downstream — there could be immediate and long-term consequences. The water that flows through the dam powers hydroelectric turbines that provides electricity to about 1.3 million people three states and prevents annual floods in Arizona and Nevada by taming the tumultuous Colorado River.

But more than that, the dam acts as a reservoir via Lake Mead, the 247-square-mile lake behind Hoover Dam. Twenty-five million people in three states across the Southwest rely on Lake Mead for a sizable portion of their supply of potable water, and some states will stash away extra water during wetter years to prepare for inevitable droughts in these desert environments.

The Southwest is currently in the midst of a 19-year-long drought, and the ever-shrinking water supply stored in Lake Mead is critically important for drinking water, crop irrigation and for city and suburban expansion. A successful cyber attack could halt growth and plunge the Southwest into an even deeper, more dangerous drought — potentially causing a regional economic slowdown, food insecurity and a public health crisis.

Caltagirone said cybersecurity within critical infrastructure sites needs to be prioritized nationally.

No comments: