Minor to marginally significant cyberattacks on critical infrastructure are happening constantly. So far, in the U.S., these have yet to lead to any significant damage or injury, but the potential is there and the administration is poised to crack down.
Next week, the Justice Department is expected to release an indictment charging an Iranian national with hacking into a New York dam, according to reports.
The story was first reported by CNN on March 10, citing government officials involved in the investigation.
According to the report, the indictment covers a 2013 intrusion into the Bowman Avenue Dam in Rye Brook, New York, a suburban community in the Hudson Valley region just north of New York City. The hackers only got access to "back office systems," according to CNN, and were detected and booted before having an effect on actual dam operations.
What's more, the dam and sluice — which mitigates flooding of area homes — wasn't operational at the time of the hack, according to local reports. So even if the hackers had leveraged their intrusion to access the dam's control systems, there wouldn't have been anything to control yet.
"While the attackers don't appear to have penetrated the dam's operational systems, this event is a reminder of how important it is for us to protect critical infrastructure, whether at the nationwide, state, local or private sector level," said Steve Grobman, CTO at Intel Security. "This event is also a reminder that cyberattack and cyber-exploitation tools and expertise are available to those willing to pay for them."
While Iran is not generally thought of as a major player in the cyberwar, Grobman noted the cottage industry that has evolved to support any organization interested in doing damage, especially nation-states with plenty of funding.
"This magnifies the capabilities of a less resourced entity to launch sophisticated attacks," he said. "It's a matter of resources, motivation, persistence and opportunity."
The administration has become bolder about calling out foreign nationals perpetrating cyberattacks against the U.S., particularly when it comes to economic espionage and attacks on critical infrastructure.
Officials are even speaking out against attacks against other nations' critical infrastructure, as with Russia's involvement in taking down Ukraine's electric grid late last year.
"We're talking about the importance of safeguarding industrial control systems," Suzanne Spaulding, undersecretary for the Homeland Security National Protection and Programs Directorate, told Federal Times during an interview at the RSA Conference. "This is something we've been talking about for a long time but it's taken on a special urgency since the attack in Ukraine in December."
Last year, President Barack Obama also called for stronger sanctions to target the individual finances of the people who perpetrate these attacks. The Treasury Department finalized the framework for such sanctions in January.
And the Justice Department has indicted foreign hackers before. Most recently, Ardit Ferizi, a Kosovar living in Malaysia, was extradited and brought up on terrorism charges for hacking a U.S. retailer and exposing information on federal employees and military personnel.
However, this indictment will be the first time DOJ goes after a foreign hacker for attacking this kind of infrastructure.
Aaron Boyd is an award-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.





