Following the proposal of the Cybersecurity Act, the White House is exploring an Executive Order to nudge a bill designed to enable critical infrastructure owners to implement better controls for protecting their computer networks. The bill in question is sponsored by Senators Joseph Lieberman (Ind.-CT) and Susan Collins (R-ME) and several other Democratic lawmakers. Soon, they will also prompt President Obama to issue an executive order to pass the bill. If the bill is passed, it will establish an inter-agency council that would work with critical infrastructure owners to develop new voluntary cybersecurity standards. Alan Paller, director of research at the SANS Institute, called this one of the best ideas for moving towards consensus security controls.
“If we are serious about fixing [the cybersecurity problem] we need to act,” Paller said. “If Congress won’t act, and the President can, God speed!”
By the end of last month, President Barack Obama and the White House had endorsed the cybersecurity bill, noting the ongoing cyber attacks and threats, especially to the critical infrastructure of the United States. Besides the White House, several associations backed the Cybersecurity Act, including the MPAA, RIAA and ESA, each representing content companies from the movie, music, and video games sectors.
“Today we can see the cyber threat to the networks upon which so much of our modern American lives depend. We have the opportunity—and the responsibility—to take action now and stay a step ahead of our adversaries. For the sake of our national and economic security, I urge the Senate to pass the Cybersecurity Act of 2012 and Congress to send me comprehensive legislation so I can sign it into law”, said President Obama in a press release on The White House website.
Since last year, we have seen a number of cyber attacks on the country's critical infrastructure: a water plant in Texas disconnected its control system from the Internet after a hacker posted pictures of the facility’s internal controls, hackers penetrated the networks of companies that operate the country’s natural-gas pipelines, and attacks on the nuclear and chemical industries increased.
The report on the hacking incident at a water pumping station in Springfield, Illinois, suggested that Russian IP addresses had been implicated in damaging a piece of critical water infrastructure; this was based entirely on revelations by Joe Weiss, security consultant and managing partner of Applied Control Solutions. But the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a division of the DHS tasked with investigating these events, said it could find nothing to connect the incident to anything cyberterrorism-related.
A recent ICS-CERT report on increased infrastructure cyber attacks suggested that the number of cyber incidents increased to 41 in 2010 and jumped to 198 in 2011, which is a big leap. According to the report, among all incidents in 2011, around 41 percent were related to the Water Sector, and this was due to the use of a large number of Internet-facing control system devices. The rest were specific to the government facilities, energy, nuclear, chemical, transportation, national monuments, IT, critical manufacturing, and communication segments.
As infrastructure cyber attacks continue to progress, Big Data plays a significant role in identifying the difference between a real threat and a false alarm. A prominent example is Splunk’s solutions, which help determine the difference and provide both in-house security and security-as-a-service on top of numerous layers by looking at the data produced by a multitude of products. Splunk uses Big Data systems to provide the capability for deep real-time analysis, and delivers powerful languages that put the ability to query ongoing and changing data in the hands of technicians who may need those alerts to be prepared for both the expected and unexpected.