The FBI’s Denver Cyber Task Force issued a warning last week that vulnerabilities in software that runs everything from pumps to motors to traffic lights have become the nation’s top cybersecurity threat. The software that controls these systems is especially vulnerable to attack because they aren’t always protected by sophisticated security systems. Since the devices aren’t very powerful or accessible to the general public, security measures weren’t always seen as necessary.
Dan Leyman, special agent in the Denver Cyber Task Force, said the industrial control software is the biggest threat for the FBI because it is used to control much of the nation’s critical infrastructure, ranging from dams and power grids to traffic control systems and waste water treatment plants. He made the comments during a panel discussion during a breakfast briefing at the Cheyenne Mountain Resort on cybersecurity by FedInsider.com, a Washington, D.C.-based website specializing in information and education about government management.
Most of the world’s high-profile cyber security incidents involve theft of consumers’ personal information from retailers, insurers and other businesses or so-called “ransomware” like the “WannaCry” attack that compromised more than 200,000 computers in 150 nations last month, Leyman said. But many cyber attack victims are reluctant to contact the FBI due to fears of bad publicity damaging the reputation of a business or government agency if reports of the attack become public, but the FBI is barred to publicly disclosing the victim or details of the attack, he said.