In recent weeks, federal officials have alerted the operators of natural gas pipelines that their computer networks have been the targets of a series of cyber attacks.
Officials with the U.S. Department of Homeland Security confirm that their Industrial Control Systems Cyber Emergency Response Team, along with the FBI and other agencies, have been working with pipeline companies to answer the threats.
The cyberthreat to the natural gas infrastructure is just a brushstroke in a bigger picture of an ongoing and evolving cybersecurity threat to the government and the nation, according to Greg Wilshusen, director of information security issues with the Government Accountability Office—the auditing and investigative arm of the U.S. Congress.
“We are vulnerable to cyber attacks, be they intended or unintended,” he says. “The number of reported security incidents within the federal government has increased about 680 percent over the last six years.” Incidents went from 6,600 in fiscal year 2006 to nearly 43,000 in fiscal year 2011.
Asked to explain such widespread vulnerability, Wilshusen notes that almost all federal agencies have “weaknesses in almost all information security categories that we track.” Wilshusen is quick to acknowledge that the administration and many federal agencies have initiatives now underway to improve the security of their computer networks.
“There’s increased focus on continuous monitoring, which could provide more timely information about the security state of an agency’s computing environment. There’s also a focus on implementing personal identity verification cards, which will help with identity authentication management.”
Wilshusen says that as technology has evolved, so has the nature and the scope of cybersecurity threats to the nation.
“They’re becoming more sophisticated,” he says, citing reports about Stuxnet, malware that targets Microsoft Windows-based industrial control computers, and which reportedly was developed to attack Iranian nuclear development facilities in 2010.
“It was a game changer,” Wilshusen continues. “It exploits multiple vulnerabilities and also demonstrates that a software-based attack can do damage to equipment supporting critical infrastructure.”
He also suggests that cybersecurity threats now originate from a wider variety of sources with an equally widening array of motives. “Nations, for example, seek economic, political and military advantage, so they may use cyber-based tools to seek advantage over their adversaries and competitors. Some nations are actively developing doctrine for information warfare.”
Wilshusen says criminals are another source of cybersecurity threats, and their motives are to seek monetary gain. Other sources, he indicates, include international corporate spies, hackers and terrorists.
Another factor in the evolution of the cybersecurity threat has been changes in the types, and the ways, that people use technology.
“As people and organizations and government agencies use and deploy newer technologies, like social media and wireless mobile computing, there are brand new capabilities that allow agencies and businesses to operate more efficiently and deliver services. But these new technologies can also bring additional risks to the information and services that these organizations provide.”
He concludes that the technology often outpaces policy when it comes to safeguarding cybersecurity.
Wilshusen recently testified before the House Homeland Security Committee’s Oversight, Investigations and Management Subcommittee.