Critical infrastructure could be vulnerable to hackers, warns B.C. engineer

A professional engineer who is leading research at the B.C. Institute of Technology of Burnaby, B.C. appeared before a U.S. congressional subcommittee last week to warn them that critical infrastructure is in danger of hacker attacks.
Eric Byres provided expert testimony at the U.S. Congressional Subcommittee on Technology, Information Policy, Intergovernment Relations and the Census. The committee has heard that there is a growing concern that the reliance on computers and computer networks makes critical infrastructures vulnerable to attack.
Among the sitemaps that are seen to be at risk are the Supervisory Control and Data Acquisition (SCADA) systems that are prevalent in engineering infrastructure. SCADA systems are used to collect and analyze data from facilities such as dams, drinking water treatment plants, the electric power grid, oil and gas pipelines, chemical plants, etc.
“While getting into a critical control system might not be easy,” said Byres, “it is certainly not impossible. As we like to say in the lab, “crunch on the outside, soft on the inside.”
Byres, who is on the faculty of the School of Electrical and Electronic Technology at BCIT, said that not enough has changed since 1997 when the White House National Security Telecommunications Advisory Committee found basic security flaws in the computerized systems that control generators, switching stations and electrical substations. Among other things, the committee reported that operational networks controlling critical portions of the grid were accessible through electric companies’ corporate Local Area Networks (LANs). Some digital circuit breakers could be remotely tripped.
BCIT is currently creating a centre of excellence to address the question of cyber security of critical infrastructures.