Imagine no Internet for a few weeks. Imagine if that is because there is no power grid. CNN.Money: Cyber-Safe: How Corporate America keeps huge hacks secret
<read>
The backbone of America — banks, oil and gas suppliers, the energy grid — is under constant attack by hackers.
But the biggest cyberattacks, the ones that can blow up chemical tanks and burst dams, are kept secret by a law that shields U.S. corporations. They’re kept in the dark forever.
You could live near — or work at — a major facility that has been hacked repeatedly and investigated by the federal government. But you’d never know.
What’s more, that secrecy could hurt efforts to defend against future attacks.
The murky information that is publicly available confirms that there is plenty to worry about.
Unnamed energy utilities and suppliers often make simple mistakes — easily exposing the power grid to terrorist hackers and foreign spies. A CNNMoney investigation has reviewed public documents issued by regulators that reveal widespread flaws.
Reminds us of the “little” error by a DNC vendor a few weeks ago. Except that a successful attack on the power grid vulnerability could be much more devastating.
Robert M. Lee spent time in the U.S. Air Force, where he identified critical infrastructure attacks as a “cyber warfare officer.” Now he travels the world for the SANS Institute, teaching the actual government investigators and power plant computer teams who face these types of dangerous attacks.
Except he doesn’t have any class material. He can’t find it. It’s all secret.
“My class is the only hands-on training for industrial control systems, but my students’ number one complaint is that there aren’t case studies or enough data out there about the real threat we’re facing,” he said. “There’s no lessons learned. It is extremely destructive to the overall national security status of critical infrastructure.”
