Cybersecurity Lie Exposed: Power Plants Are Not Connected To The Internet
Senator Joe Lieberman’s draconian Internet takeover legislation, the 197-page Protecting Cyberspace as a National Asset Act, is being promoted as a vital tool to protect vulnerable infrastructure hubs from terrorist attacks, but as a recent Wall Street Journal report makes clear, large industrial power and water plants are not even connected to the public Internet.
Lieberman has been busy over the last several months pushing the cybersecurity agenda, with a bill that would hand President Obama the power to shut down parts of the world wide web for at least four months with no congressional oversight in the event of a cyber attack on critical infrastructure systems in the U.S.
However, the primary purpose of cybersecurity and Lieberman’s legislation is to combat a problem that doesn’t exist.
As a recent Wired News article highlighted, power grid and drinking water systems, “Are rarely connected directly to the public internet. And that makes gaining access to grid-controlling networks a challenge for all but the most dedicated, motivated and skilled — nation-states, in other words.”
The article explains that it would take a gargantuan national effort on behalf of a nation state, utilizing a plethora of national resources, to even begin to attempt taking down complex power and water systems. This isn’t merely a case of a rag-tag terrorist group hacking into a website via their laptops.
“Even in places like the United States, where there isn’t much you cannot find online, you’re not going to be able to get the depth and detail you need to turn off the lights with a simple network connection,” writes Michael Tanji.
Indeed, the only way to hack into or infect the vast majority of sophisticated infrastructure systems is by means of a virus contained on an external USB hard drive physically inserted on site, as a recent case reported on by the Wall Street Journal involving the German engineering giant Siemens AG proved.
Siemans provides industrial control system software that is used to monitor large automated plants – from manufacturing to power generation to water treatment. A recent attempt to steal data from one of their clients, a German manufacturing company, was carried out by means of a virus loaded onto a USB data stick which was then inserted into one of the computers on the manufacturing plant’s network. The hack attack had nothing to do with the Internet, because like almost all major plants, the German company did not have its control systems hooked up to the public Internet.
We are constantly told that the Internet needs to be subject to government control because cyberterrorists could hack in and bring down the national power grid. However, the vast majority of the U.S. power infrastructure is not connected to the Internet. It will only be connected to the Internet if the government accelerates the implementation of “smart grid” technology, so in this sense, the government itself is leaving the power grid more vulnerable to hackers by its own programs.
While the public facade of cybersecurity is supposed to be about protecting crucial infrastructure hubs, which as we have documented are not even at risk from hackers using the public Internet, the real agenda behind the program is about handing government control over the Internet so that it is in a better position to censor its critics.