Expert: 'Wired nation' risks cyber attack

Speakers at HCC conference discuss risks, efforts to thwart disruption of key systems

April 12, 2012|By DON AINES | dona@herald-mail.com

By Kevin G. Gilbert, Staff Photographer

More than 303,000 cyber security-related complaints were recorded by the U.S. Department of Justicein 2010, more than 17 times the number a decade earlier, posing a growing threat to the nation’s economic and military security.

On Thursday more than 100 business people, government officials and students gathered at Hagerstown Community College for the 2012 Cyber Security Regional Conference co-hosted by U.S. Rep. Roscoe Bartlett to discuss what can be done to prevent and defend against cyber attacks.

“From your private e-mail to our corporate secrets to our national security, cyber (security) is becoming an increasing concern,” Bartlett, R.Md., said after the conference. “We’re beginning to learn that our greatest strength is becoming our greatest vulnerability.”

Cyberspace “is the newest domain of the Department of Defense,” said Air Force Brig. Gen. Linda R. Medler, the director of Capability and Resource Integration for the U.S. Cyber Command.

The military is working to improve security by several means, including developing cyber command and control strategy and policies; creating more defensible military and civilian technology infrastructure; and building and training cyber teams, Medler said.

“There is a profound shortage of cyber experts,” she said, recommending that career path to a group of Washington County Technical School students in the Kepler Theater.

Speakers discussed threats to power grids, sewer and water systems, and communications.

A successful cyber attack on the power grid could black out a large region and take more than a year to restore, said Bartlett, a sponsor of the Cyber Intelligence Sharing and Protection Act of 2011.

A team from Chickasaw Nation Industries did a table-top demonstration of how hackers could obtain a user name and password, and bridge “air gaps” and other security measures to compromise and disable a system, in this case overloading a light bulb.

Solar- and wind-energy programs might come to mind when people think about the Department of Energy, but Chief Information Security Officer Gil Vega reminded those in attendance that “we own, develop and maintain the nation’s nuclear weapons.”

In July 2011, three Department of Energy laboratories suffered sophisticated cyber attacks, Vega said.

“There is a danger to multilevel security ... it lulls you into a false sense of security,” Vega said.

Governments and industries need to focus on securing data, knowing where it is sent, and who has access to it, he said.

Joe Albaugh, chief information security officer for the Federal Aviation Administration said new technologies, such as satellite-based navigation and surveillance, pose cyber attack risks for the air-transportation system.

Security measures should be incorporated into their designs, rather than “bolted on” later, he said.

The ubiquity of technology — and dependence upon it — in business, defense and in everyday lives makes it difficult to revert to the kinds of security measures that worked before the Internet.

“It’s cultural now,” Vega said. “We’re a wired nation.”

|

|

|