DHS Ramping Up Defense Of Critical Control Systems

The Department of Homeland Security (DHS) plans to ramp up a program that sends specialized forensic teams to combat the cybersecurity threat on U.S. critical control systems, such as those that control power plants, industrial facilities and air-traffic control systems.

For the past year, the DHS has sent out four special teams -- collectively a part of the Industrial Control System Computer Emergency Readiness Team -- on missions to examine these systems to determine threats and respond to technical-support calls from private-sector partners.

However, the department plans to expand the program next year, a move that coincides with the discovery last month of the first worm designed to specifically attack such systems.

"There is no shortage of demand for this service from the DHS among our partners in the private sector," said DHS spokesman Amy Kudwa Wednesday. "That there has been this worm that is specifically focused on control systems only solidifies our focus on expanding this program."

The system attacked was based on technology from Microsoft and Siemens, which have developed patches for the worm, she added.

The worm attacked four systems, none of which were in the U.S. However, its presence is enough to put the DHS on alert for more direct attacks on critical systems.

The specialized control-system teams -- which fall under the purview of the National Cybersecurity Division (NCSD), part of the DHS Office of Cybersecurity and Communications -- went on 13 missions last year armed with a $5,000 case full of specialized forensic technology to identify malware on control systems

The expansion of the NCSD's budget for the program from $10 million to $15 million is meant to increase the number of teams available for these service calls from four to 10 in 2011.

Response to the threat on critical control systems is not new. The DHS has been keeping a close eye on them and published reports about how to address vulnerabilities for about five years. The systems are high risk given that they are often built on outdated technology that does not have the same security level as newer systems.

Earlier this month, the Wall Street Journal revealed that the National Security Agency (NSA), too, is expanding its interest in protecting control systems. The agency is set to launch a program specifically aimed at assessing vulnerabilities and developing capabilities to secure them.

While the government's interest in these systems is aimed at keeping crucial systems protected and online in the event of a cyberattack, it also has raised questions of privacy and just exactly what the government's role should be in protecting privately owned networks.