The Defense Department needs to shore up cyber defenses in its energy supply chain in order to protect against a Stuxnet- or Shamoon-style attack, according to a study commissioned by the U.S. Army War College's Strategic Studies Institute.
Concerns over potential vulnerabilities in critical infrastructure have increased as electrical grids and other systems become more IP-connected, and in the wake of several high-profile attacks. Stuxnet, reportedly the result of a joint U.S.-Israeli effort, disrupted uranium processingin Iran in 2010 by manipulating programmable logic controllers in centrifuges. The Shamoon malware infiltrated the network of Saudi Aramco in August 2012 and wiped out hard drives on as many as 30,000 computers.
A large-scale attack on energy production may be unlikely, but DLA would be wise to protect its fuel distribution network, such as its Fuels Automated System, which is IP-connected and runs Windows, according to the report’s author, Christopher Bronk, a fellow in IT policy at Rice University's Baker Institute.
“For the DOD, vulnerability exists in the distribution of fuels, where there are also likely issues of cyberattack and disruption.” He wrote. “Much like other large organizations, the DOD has adopted networked computers for all manner of administrative and logistical activity.”
No comments:
Post a Comment