U.S. Nuclear Facility Networks "Under Constant Attack"

Tuesday, March 20, 2012

Headlines

69dafe8b58066478aea48f3d0f384820

Thomas D'Agostino, Undersecretary for Nuclear Security and Administrator of the National Nuclear Security Administration, stated that U.S. networks that control the nation's nuclear arsenal are "under constant attack" from millions of hacking attempts every day.

"They're from other countries' [governments], but we also get fairly sophisticated non-state actors as well. The [nuclear] labs are under constant attack, the Department of Energy is under constant attack," D'Agostino said.

Backing up D'Agostino's assertion, a spokesman for the agency further stated that the systems are subject to as many as ten million security events per day, with as many as one thousand being considered successful.

"Of the security significant events, less than one hundredth of a percent can be categorized as successful attacks against the Nuclear Security Enterprise computing infrastructure," said the spokesman.

The question remains as to whether the sheer number of attacks represents a material threat to the systems.

Council on Foreign Relations security analyst Adam Segal says that "the numbers are kind of inflated on that front," and that the vast majority of those so-called attacks are merely automated scanners that "are constantly scanning the Internet looking for vulnerabilities."

Segal says that critical networks that control launch systems for the arsenal are in fact not connected in any way to the Internet, and thus securely airgapped to prevent such an event from occurring.

That said, Segal also acknowledges that even a properly airgapped network could potentially be subject to a breach event, referencing the infamous Stuxnet virus that infected segregated networks in the Iranian nuclear program.

"Stuxnet showed that airgapping is not a perfect defense. Even in secure systems, people stick in their thumb drives, they go back and forth between computers. They can find vulnerabilities that way. If people put enough attention to it, they can possibly be penetrated," Segal said.

The likelihood of a successful infiltration of the networks to the degree that an attack could affect the security of the nation's nuclear arsenal is slim given the complexity of the systems and the high level of specific knowledge that an attacker would require, according to Sega.

"There'd probably have to be a state-based actor behind it. You have to understand a lot about the systems. Hacking into the Department of Energy and looking for nuclear secrets—how to build a bomb, is probably much easier than trying to take over a bomb or a launch code, and probably of more interest to the Russians or the Chinese or the Iranians," Segal explained.

D'Agostino agrees that there is still an element of risk even when systems are securely segregated from those that connected to the web which are used for less critical operations.

"All it takes is one person to let their guard down.This is going to be, in my view, an ever-growing area of concern," D'Agostino stated.

Source:  http://www.usnews.com/news/articles/2012/03/20/us-nukes-face-up-to-10-million-cyber-attacks-daily

Possibly Related Articles:
5971
Network->General
Military Attacks Stuxnet Headlines Network Security National Security hackers DOE Nuclear Thomas D'Agostino Adam Segal
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.