U.S., European Aviation Authorities at Odds Over Cybersecurity
From “U.S., European Aviation Authorities at Odds Over Cybersecurity”
Wall Street Journal (12/23/15) Pasztor, Andy
U.S. and European aviation authorities are reportedly at odds over a key question of how to protect aircraft from potential cyberattacks. There is wide agreement between U.S. authorities and their European counterparts that aircraft are vulnerable to cyber threats today. The European Aviation Safety Agency warns that “all recently designed large airplanes are known to be sensitive” to cyberthreats because of the “interconnectivity features of their avionics systems.” They even agree that for large commercial planes, the solution should include enhancing the separation of cabin entertainment and passenger Internet access from any safety related systems. The disagreement, apparently, is over how to address cyber threats facing smaller air craft. European authorities want the same testing guidelines and regulations to cover both large and small planes, while American authorities and industry representatives want aircraft with fewer than 19 seats to be subject to different standards. Both sides hope to hammer out a possible compromise before the Federal Aviation Administration proposes new U.S. standards next summer.
According to current and former U.S. officials, Iranian hackers infiltrated the control system of a small dam less than 20 miles from New York City in 2013. The hack of the Bowman Avenue Dam near the village of Rye, N.Y., was first noticed by National Security Agency, which was monitoring the activity of Iranian hackers launching attacks on U.S. firms Capitol One Financial and SunTrust Banks. NSA analysts noticed that one of the hackers’ machines was crawling the Internet, looking for vulnerable U.S. industrial-control systems. This information was passed on to the Department of Homeland Security, which linked one of the addresses targeted by the hackers to a “Bowman” dam. There are 31 dams in the U.S. with Bowman in the name, and investigators worried that the hackers had targeted the 245-foot-tall Arthur R.Bowman dam in Oregon. Officials say much of this concern dissipated when the Bowman Avenue Dam, a small structure used for flood control, was identified as the target. However, several officials say the incident was a wake-up call for many in the government about the potential capabilities of Iran’s hackers and the vulnerability of the industrial control systems underlying much of the U.S.’s critical infrastructure.
Share | Web Link | Return to Headlines
Cyberattack Prediction: Hackers Will Target a U.S. Election Next Year
From “Cyberattack Prediction: Hackers Will Target a U.S. Election Next Year”
CIO (12/17/15) Lawson, Stephen
Security expert Bruce Schneier, chief technology officer of Resilient Systems, says that a major cyberattack could target next year’s presidential election. “There are going to be hacks that affect politics in the United States,” Schneier said. He pointed to the massive Sony hack and attempted Chinese and Iranian hacks as evidence that cyber criminals are aiming for more complex targets. This has already wreaked havoc on international relations. The EU in October invalidated the Safe Harbor agreement on offshore data storage, claiming that the US did not have their trust. The scope of data has changed because of cyber crime, and that means more intricate problems. The only improvement, albeit a significant one, is the advent of complex encryption. It is not perfect, Schneier said, but it certainly helps more than some may thing. “We get a lot of security because of this,” he said.
Share | Web Link