Homepage Cyberwar Cybersecurity Cyberspace C-Spionage C-Sabotage Gefährdung Kriminalität Computer Kommunikation mod. Systeme Der Mensch Beratung Bildung Fachberichte Information Kryptologie Emission Verschlüsselung Forschung Begriffe Recht Technik Verschiedenes
Verschiedenes Informationen aus aller Welt Aus der Welt der Pocketsysteme
Original Artikel
Deutsche Übersetzung
 
Quelle : Washington Post
2. Oktober 2011
JIM URQUHART/REUTERS - Mark Fabro, a training consultant working with the U.S. Department of Homeland Security, explains how systems can be exploited at a cyber

By Ellen Nakashima, Published: October 2
IDAHO FALLS, Idaho — Screens glowed, mice clicked and lines of code scrolled on the laptop monitors of a hacker team hired by Barney Advanced Domestic Chemical Co. — or BAD Company — to break into a rival firm’s computer network.
In another room here at Idaho National Laboratory, a computer operator noticed something wrong. “They’re hitting one of our servers!” he said. The lights in the control room soon failed, and liquid gushed from a set of tanks as green and red lights flashed.
“We’ve got a spillover!” shouted the supervisor. “Call the hazmat team!”
This frantic but entirely simulated attack last week on a chemical plant demonstrated what U.S. officials and industry experts say is a little-understood national and economic security threat: the ability of malicious computer code to cripple critical systems that millions of people rely on for food, fuel, safe water and more.
“We’re connecting equipment that has never been connected before to this global network,” said Greg Schaffer, acting deputy undersecretary of the Department of Homeland Security’s National Protection and Programs Directorate. “As we do, we have the potential for problems. That, indeed, is a space our adversaries are paying attention to. They are knocking on the doors of these systems. In some cases, there have been intrusions.”
In the extreme, officials and experts fear a digital attack that causes death, destroys critical machines and sows anxiety about what could come next. The threat exists, they say, because machines running the nation’s plants and other crucial systems are increasingly interconnected.
Meanwhile, the skills of nations and hackers are growing, even as more infrastructure vulnerabilities are detected.
“That’s our concern of what’s coming in cyberspace: a destructive element,” said Gen. Keith B. Alexander, National Security Agency director and the head of U.S. Cyber Command, which is set up to protect the military’s networks. “We have to defend our country better,” he said in September at an InfoWarCon conference Linthicum Heights.
Here in Idaho, the DHS in partnership with Idaho National Labs runs the government’s largest program to research and test the ability of companies to control systems for vulnerabilities, train personnel to mitigate threats and, if requested, dispatch “flyaway” teams to respond to events.
The wake-up call that a physical attack could happen came last year when the world learned about Stuxnet, a sophisticated computer virus that in 2009 had infected controllers in a uranium enrichment plant in Iran, causing about 1,000 centrifuges to spin out of control and delaying Iran’s nuclear enrichment program. No one was killed, but the event marked the first targeted attack against an industrial control system. It was also the first documented use of a military-grade weapon built entirely from code.
A “game-changer,” said Marty Edwards, DHS Control Systems Security Program director, who led a team of analysts researching Stuxnet.
A “digital warhead” was how Ralph Langner, a German security researcher who helped decipher Stuxnet’s intent, described it. The virus had two parts: a virus-delivery vehicle and a payload.