Cybersecurity researchers are increasingly worried that focusing on “rational” attackers such as the Chinese might be a dangerous approach, and that the country needs to fear the irrational types more.
For years, US national security experts have believed that “rational” superpowers like China or Russia were their main adversaries.
But now there are growing concerns that extremist groups, rogue nations or hacker activists are infiltrating US systems to hunt for security gaps.
While they are not as clever as the rational types, they can bring an element of surprise that is just as damaging.
For example, HD Moore, chief research officer at the security firm Rapid7, discovered he could use the Internet to access the controls of some 30 pipeline sensors around the country that were not password protected.
While a rational opponent would not attack such a target unless they were at war, an irrational one would do it for the LOLz or to make a point.
A hacking expert who helps companies uncover network vulnerabilities, Moore said he found the sensors last month while analysing information in huge, publicly available databases of Internet-connected devices.
“We know that systems are exposed and vulnerable. We don’t know what the impact would be if somebody actually tried to exploit them,” he said.
Former US Homeland Security Secretary Michael Chertoff said he was worried the first destructive cyber-attack on US soil might resemble the Boston Marathon bombings in the sense that the suspects were unknown.
He told the Reuters Cybersecurity Summit that these are going to be modest-scale, impact attacks from all kinds of folks – hacktivists and criminals – which might take down critical infrastructure.
Iran and North Korea are also classed as irrationals because they do not really care about the impact their attacks have or about being found out.
The Syrian Electronic Army is another. This is an activist group that has claimed responsibility for hacking the Twitter accounts of major Western media outlets.
The sort of attack they could carry out is like the one found by the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, known as ICS-CERT. A flaw was found in equipment from Germany’s TURCK, which is used by manufacturers and agriculture firms in the United States, Europe and Asia.
The agency said attackers with “low” hacking skills could exploit the flaw, letting them remotely halt industrial processes.
Dale Peterson, CEO of industrial control systems security firm Digital Bond, told Reuters that infrastructure control systems are highly vulnerable to cyber-attacks because designers did not take security into consideration when they developed the technology.