Pages: 1 2
The nightmare scenario involves a clever programmer building a Stuxnet-like virus that would go after PLCs used in vital sectors of the West’s economy; facilities like power plants, oil refineries and industrial manufacturers. Such a weapon would be very attractive to terrorists around the world and it’s not hard to imagine a soulless hacker auctioning off that kind of capability to the highest bidder. Now there’s little danger of an Al-Qaeda programmer creating a weapon that destructive, even with Stuxnet to use as a blueprint. But would Al-Qaeda pay a clever infidel handsomely to provide them with the capability to wreak that kind of havoc? You bet.
Langner, who runs a cyber-security firm, says that he already has the capability to infiltrate and sabotage PLCs at industrial facilities. His firm developed proof of concept software “that manipulates controllers without any insider knowledge. If we wanted to, we could implement a configurable controller exploit framework that includes Stuxnet’s more nasty attack technology within four weeks. We won’t do it. But others probably will. They may need longer, but we don’t know if they haven’t started already.” The interface for Langner’s software is frighteningly simple, allowing a user to select a process to target and then to disable alarms, kill the process, change process variables and change outputs – all without any knowledge of the process itself.
Like other cyber-security experts, Langner hopes to influence people to utilize his services by exposing their system’s vulnerabilities. However, the fact that someone is delivering a message out of self-interest does not mean that the message is wrong. Stuxnet took the computer virus to an entirely new level, moving them beyond mostly annoying, yet manageable, ways of disrupting personal computers and networks. Now viruses can be used to sabotage industrial facilities and processes and to do as much damage as a barrage of cruise missiles. The challenge for the West will be to refine this technology so it can be used to attack the enemies of liberty and freedom to an ever-greater degree, while we simultaneously ensure that this powerful new weapon cannot be used against us.
Pages: 1 2