Policy makers are advocating the setup of a new regulatory body in order to protect city grids from cybercriminals.
Web-connected devices, applications and services make life more efficient, convenient, and can generate more profit for corporations. However, therein lies the problem -- by connecting devices via networks, you create entry points for cybercriminals to infiltrate, and poor security can cause havoc, financial loss and the destruction of computer systems.
In the case of smart grids, hacking can be dangerous -- to the point where some insurance companies refuse to cover hacking events. For example, should a hacker tap into an electricity regulation system, an entire swathe of a city could theoretically lose power or if a hacker tapped into a connected car's system, they could commandeer braking or steering control.
The problem is that while businesses are keen to capitalize on the grid, their security investments often fall short -- and in any chain of connected devices, the weakest link represents the security of an entire system.
The Institute for Electric Grid Cybersecurity, along with a set of guidelines for smart grid developers and utilities to follow, is the dream of the Bipartisan Policy Center. A new report released by the agency includes a set of recommendations to better protect U.S. businesses and consumers from the prevalent and ever-rising problems of hacking.
Discussing the report (.PDF) at the center last week, former National Security Agency and C.I.A. Director Gen. Michael Hayden called cyberthreats "almost self-evident," before saying that hackers can, and want to "degrade, disrupt, deny, destroy" networks and that everyone needs to take responsibility.
"This cannot be done with just good will and executive action; it’s going to require Congress to actually face these issues and make some decisions that provide some legislative structure in terms of protection and responsibility that makes this more possible than it is today,” Hayden said.
While discussing the report, the panel used the example of the Northeast blackout of August 2003, where a tree branch caused $6 billion in costs to the U.S. economy. While the blackout was the result of a natural event rather than a hack, an outage of such proportions is possible if smart grids and critical infrastructures are not protected.
Read on: Threat Post
Image credit: Flickr