Part One of Two parts
In the year 2000, the U.S. Federal Government computer networks were attacked by foreign entities. In reaction to these intrusions, Congress created the Federal Computer Incident Response Center (FedCIRC) at the General Services Administration. The FedCIRC was designed to be central hub to coordinate and share information between federal organizations.
When the Department of Homeland Security (DHS) was created in 2002, the duties of the FedCIRC were transferred to the DHS. In 2003, FedCIRC changed its name to U.S. Computer Emergency Readiness Team or US-Cert. Its mission was enlarged to provide boundary protection for the federal civilian executive computers and leadership in the field of cybersecurity. With the passage of time, US-CERT has become a trusted agency and reliable source of information about cyberspace for the Federal government, state and local governments, private businesses and international organizations.
One of the main things that US-CERT does is to receive reports of computer security incidents within the U.S. Federal Government. An incident is considered to be a violation or imminent threat of violation of computer security policies, acceptable use policies or standard security practices. After collecting incident reports, studies are conducted, and conclusions reported. The US-CERT publishes Weekly Vulnerability Bulletins, Technical Alerts, Current Activities entries and Tips.
Yesterday, US-CERT published an alert that said that Russia had hacked into the computers of many government agencies and U.S. companies in the energy, nuclear, commercial facilities, water, aviation and critical manufacturing sectors – in summary, they have infiltrated a lot of our critical national infrastructure. The Russians have been doing this for years including the massive attack on our 2016 elections, but we have done little to respond or stop these intrusions to date.
Our national electrical grid is system of systems. It is managed by thousands of people, computers and manual control systems. Data is supplied by thousands of sensors connected by a variety of communication networks. Over the next twenty years, especially with the much-publicized Internet of Things, there will be a great deal more data traveling over the national grid than electricity.
MIT recently published report in which they said that it will be impossible to completely protect the national grid from cyberattacks or accidents. In view of this reality, MIT said that we need to have mechanisms in place to quickly respond to intrusions and quickly restore the security and operation of the grid. These mechanisms should be spread to every entity connected to critical grid infrastructure.
The U.S. National Institute of Standards and Technology Cybersecurity Working Group has identified one hundred and thirty-seven types of interconnections between different systems in the national grid. It is assumed that eventually every smart meter and most sensors and critical pieces of equipment will be equipped with their own communication modules. Components and software will be supplied from hundreds of different companies. The North American Electric Reliability AInfrastructure Protection standards covering the national power system, but no organization presently has responsibility for overseeing grid cybersecurity across all aspects of our energy systems.
Please read Part 2
