So I was flipping through my channels last night and nothing was on. Then I came across PBS and Frontline, and according to the info screen it looked pretty interesting. So I stayed, and it was, but it was also kinda scary what could be done by terrorists using the internet:
A: And largely the concept of the Pearl Harbor info-war is that terrorist group X or rogue nation Y will decide to attack the United States using an all-out onslaught against the infrastructure. And the targets will be anything from water to power, anything with SCADA control systems, which are generally running off of Windows NT or Windows 2000, which essentially means that you can cut through them like a hot knife through butter...
Q: So if you and a group of friends decided to do it, which you wouldn't, but if you decided to do it, would you be able to take down the electrical grid of the United States?
A: I don't know if you'd be able to take down the whole grid, but I know that you could take down significant pieces of it for, let's say, operationally useful periods of time. Right now, the length of time that the effect of an IO operation would last I don't think is that long. So you buy yourself 20 minutes, four hours, who knows how long until they can solve the problem. The question is: What do you do during that 20 minutes or four hours?
A: Yes, it is possible to do physical damage through the Internet. ... But again, for example, in the power grid situation, the reason that you had a knowledgeable insider telling you that a knowledgeable insider could do this is, again, because they have the same sort of inside track that I do. I know that breaking into arbitrary company X, that I could destroy arbitrary company X's intellectual property assets, I could destroy their databases, their corporate communications, I could destroy everything that that corporation relied upon in terms of its virtual functions as opposed to its physical functions.
Would I be able to cross over into the physical world? It depends on the industry. If you have a knowledgeable insider in the power industry who sits there and says if you did it right and you created surges, then you confuse certain kinds of circuits or destroy other kinds of equipment. That's certainly true, because you can blow off the engineering tolerances that systems will normally require in proper functioning. But again, that requires a knowledgeable insider working with you to do that
<a href="http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/interviews/" target="_blank">Frontline Interviews</a>
The above site has all the interviews from the program last night.
Any thoughts?
A: And largely the concept of the Pearl Harbor info-war is that terrorist group X or rogue nation Y will decide to attack the United States using an all-out onslaught against the infrastructure. And the targets will be anything from water to power, anything with SCADA control systems, which are generally running off of Windows NT or Windows 2000, which essentially means that you can cut through them like a hot knife through butter...
Q: So if you and a group of friends decided to do it, which you wouldn't, but if you decided to do it, would you be able to take down the electrical grid of the United States?
A: I don't know if you'd be able to take down the whole grid, but I know that you could take down significant pieces of it for, let's say, operationally useful periods of time. Right now, the length of time that the effect of an IO operation would last I don't think is that long. So you buy yourself 20 minutes, four hours, who knows how long until they can solve the problem. The question is: What do you do during that 20 minutes or four hours?
A: Yes, it is possible to do physical damage through the Internet. ... But again, for example, in the power grid situation, the reason that you had a knowledgeable insider telling you that a knowledgeable insider could do this is, again, because they have the same sort of inside track that I do. I know that breaking into arbitrary company X, that I could destroy arbitrary company X's intellectual property assets, I could destroy their databases, their corporate communications, I could destroy everything that that corporation relied upon in terms of its virtual functions as opposed to its physical functions.
Would I be able to cross over into the physical world? It depends on the industry. If you have a knowledgeable insider in the power industry who sits there and says if you did it right and you created surges, then you confuse certain kinds of circuits or destroy other kinds of equipment. That's certainly true, because you can blow off the engineering tolerances that systems will normally require in proper functioning. But again, that requires a knowledgeable insider working with you to do that
<a href="http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/interviews/" target="_blank">Frontline Interviews</a>
The above site has all the interviews from the program last night.
Any thoughts?
