need to add title here

Cyber War

June 13, 2010 5:00 PM

Could foreign hackers get into the computer systems that run crucial elements of the world's infrastructure, such as the power grids, water works or even a nation's military arsenal, to create havoc? They already have. Steve Kroft reports.

Cyber War: Sabotaging the System
Add a Comment See all 44 Comments
by Mother_of_Five February 4, 2013 4:04 PM EST
I have watched this video again within the past week, and I'm wondering if any improvements have been made to the issues that are addressed in this video. Have the banks improved their cyber security? Have there been any more cyber attacks on infrastructure or the military? Has congress taken any action to further ensure our security?
Are we any more secure now than we were then?
Reply to this comment
by needsleepnow1983 October 5, 2011 10:05 PM EDT
This isn't overly surprising. CyberCrime is relatively new ... within the last decade or so. It's also not shocking as to how much damage that can be done if one truly stops and thinks about it. What shocks me though is that it has really only taken us until the last couple years or so to truly address this in a proactive manner. Well I really can't say proactive, it's more like reactive.

I still think not enough is being done. Even if say the Government threw an additional Trillion dollars/year on this issue, all that is going to do is speed up the transition. It's going to take time to get individuals certified, trained, and with proper security clearances to tackle this threat.

No amount of money is going to substitute time lost for this rather scary issue.
Reply to this comment
by snarky73 October 5, 2011 8:35 PM EDT
Normally, I stay away from network news shows. They always seem to grab the nearest kook or disgruntled employee to sensationalize a story. However, in this case, the story really does sell itself.

The story was well done, but I think it deserved more than 18 minutes plus commercials. As I watched the video, there were many things that jumped out and grabbed my attention. This may really be another 9/11 type issue.

The trending of attacks has revealed that there has been a paradigm shift from the individual hobbyist to the state-sponsored variety. This makes the attacker more skilled in methodology and practice. It also provides a greater funding pool for resources.

Vulnerabilities are plentiful and our innovative nature increases the likelihood of an attack. The way that we have embraced the Internet as a culture provides greater opportunity for attackers. I found the fact that our power grid is operated by private utility companies, that aren't governed by federal oversight, is very disturbing.

Every day we hear about another attack, another compromise. What information should be disclosed for awareness? What information should be kept hidden for security? One thing is certain, cyber security is everyone's responsibility and should be everyone's priority.
Reply to this comment
by greenetorrance October 5, 2011 5:06 PM EDT
This segment should be a wake up call. I am glad the President Obama made cyber warefare the number one priority. The casualities of war are no longer subject to the battlefield.The incident that took place in 2007, where there was a breach in the Departments of State, Commerce, Energy, NASA, and all military agencies should concern everyone. Terra-bytes of information was downloaded. I would tend to think that these government agencies and military would have better vulnerability controls.

The scariest part of this segment was the CENTCOM breach. How did someone get by the firewall and encryption system to for day without detection? As CENTCOM is vital for the both the wars that were ongoing, this breach could have endangered our warfighters. This goes to show that the cyberwarfare is very serious.
Reply to this comment
by KlaatuSaysHi October 4, 2011 11:54 PM EDT
Cyber War: Sabotaging the System (CBS News, 2010) was a poignant harbinger that predated the Stuxnet outbreak by over a year, which ironically could have been the exact kind of attack the piece was trying to warn us about if Stuxnet had been targeted differently. The piece came down pretty hard on the electric power industry, which was not entirely fair given that reliability standards have been under development since before the air date and which are still on-going (Federal Register, 2011). For example the story was not as critical of the banking industry, in which we were told 10 million of dollars were lost in one incident alone, but there is also slow progress in the financial sector as well (Rashid, 2011). Although it is a minor detail, the characterization by Jim Lewis of the size of the Library of Congress is inaccurate, which as of September 2011 had 254 terabytes of data and grows at a rate of about 5 terabytes a month (Library of Congress, 2011).

What I think the story got right is that, especially after 9/11, we know that we should be on guard for attacks, and that all of the industries mentioned in the story have known there have been serious problems with our infrastructure for a long time. Lengthy deliberation of guidelines leaves the critical infrastructure of the country at risk, leaving the barn door open so to speak, when industry should really be worried about closing the doors to our national vulnerabilities as soon as possible.

CBS News (2010, June 10). Cyber War: Sabotaging the System. Retrieved from www.cbsnews.com/video/watch/?id=6578069n

Federal Register (2011, September 22). Version 4 Critical Infrastructure Protection Reliability Standards (p. 58730). Retrieved from http://www.gpo.gov/fdsys/pkg/FR-2011-09-22/html/2011-24102.htm

Library of Congress (2011). Web Archiving FAQs. Retrieved from http://www.loc.gov/webarchiving/faq.html#faqs_05

Rashid, F.Y. (2011, August 30). Layered Security Essential Tactic of Latest FFIEC Banking Guidelines. Retrieved from http://www.eweek.com/c/a/IT-Infrastructure/Layered-Security-Essential-Tactic-of-Latest-FFIEC-Banking-Guidelines-557743/
Reply to this comment
by Bmore81 October 4, 2011 9:23 PM EDT
I enjoyed watching the 60 Minutes special called "Cyber War". Although I already knew that the United States was vulnerable to a cyber attack, I was not aware of experimental attacks (by us) that have been conducted to show just how high this vulnerability was. For example, in 2007, there was an experimental attack (Aurora) that was conducted to show how easy it would be to infiltrate and interfere with our power grid, which could leave us blacked out for months (the generators are quite expensive and not available locally). I was also not aware of how much of our intellectual property had been stolen over the years by malicious users in other countries with the help of malicious software.

There was one part of the 60 Minutes video segment that I did not agree with. This is when the 60 Minutes reporter was interviewing Jim Lewis (Director at the Center of Strategic and International Studies. At one point Mr. Lewis was asked how much cyber warfare the US was conducting on foreign countries with him stating that we are in the "top of the league". He then went on to say that Russia and China might wonder why we complain if we are doing it to them too. Director Lewis then confirms this and calls it "a fair question with one exception" since we basically heavily depend on the internet/ information technology in our daily lives. I think this statement is ridiculous because he is basically using our dependency as justification. Just because we use/ rely on the internet everyday does not give us the right to infiltrate foreign networks (to spy and steal information) unprovoked. Don't get me wrong. I am for protecting our nation's security as much as the next guy. I just dont think pouring gasoline on an already hot fire (so to speak) is the way to go about doing this.
Reply to this comment
by RichyAji October 4, 2011 1:49 AM EDT
It's true that technology actually makes everything easy for everybody, but watching this Video it looks like if care is not taken, it will do more harm than good. Something just has to be done about it. I can't believe all these things are happening and most people didn't know about it. Imagine computer shutting down power in eastern part of United States that will be so crazy. We've got to act fast before things go hard way
Reply to this comment
by Whatever199 October 3, 2011 2:34 PM EDT
It is amazing to think that major attacks are happening so often and the public has done so little. The evidence is there, but the private sectors do nothing to protect the American people, they just want their profit. Unfortunately, it is going to take a catastrophic event like 9/11 to make them wise up and start taking care of their security as well. Obviously the hackers know what they are doing if they are able to break in to the governments high security departments and it is time we became prepared to stop them. Thinking about someone breaking in to the DOD and stealing vital information, or information about our weapon system, or cutting off the power to millions of people during the winter months does not make me sleep well at night. One thing I do find a bit strange, it seems as if they let out an awful lot of information about America not being prepared for such attacks, was this a wise move?
Reply to this comment
by pinkalicious6 October 2, 2011 9:20 PM EDT
It seems that we're more reactive than proactive, or have been for too many years. Security changes only come about when there's been a breach and one at a time. I find it interesting that none of these breaches have been widely publicized. Keeping the breaches quiet goes right along with the reactive posture of the country by just ignoring it until they can think of one change to implement. I'm not sure that I agree we're at the top of cyberespionage. And I would not be surprised to find out there are many other countries who are doing more to prevent a cyberattack than the U.S.
Reply to this comment
by bigcitybrom October 1, 2011 7:46 PM EDT
This is all quite real, but the information within the story is just the surface. While a hacker could very well shutdown important pieces of infrastructure over the Internet with the proper hack and/or tools, the success of that attack is reliant on at dozen other factors as well. For instance, if as they say in the story, the Internet were used to shut down a power generator by overheating it or some other means. There are several other systems that would need to be compromised in order for the attack to play out to completion. You also have to take the human element out, alarms would be going off, and SCADA systems would be in effect that would alert of the catastrophe and likely take action long before it became a real threat. I like that the media is bringing a lot of this to light in the news, however, just like any other story, they either conveniently leave out a lot of the facts to make their story more intense and interesting, or they weren't privy to that information. Either way the story is not 100%. It's not like we attach critical supervisory controls to the Internet. That doesn't happen, and there is very little inter-operation with those controls from any system that IS attached to the Internet, if any at all. I can't answer for every power plant. This isn't to say someone couldn't sell microchips as parts to some system that caused it to flaw, or that physical security couldn't be compromised and a user internally couldn't wreak havoc on the system, but this is a lot less likely than a user sitting at home in China and hacking into the supervisory controls of an electrical grid.
Reply to this comment
See all 44 Comments
Recent Segments

60MinutesOverTime

60 Minutes Overtime is a weekly web show that begins where the weekly television broadcast ends

  • 48 Hours iPad App

    Big changes for the 2012-2013 season! Watch the current week's episode for FREE up to a week after it airs or subscribe for access to all shows, classic episodes and more!