Thirty percent of the world’s nuclear power is produced in the United States at 104 reactors concentrated on the Eastern seaboard. What if the Flame and Stuxnet viruses that wreaked havoc on Iran’s nuclear efforts were repurposed by unfriendly nations to attack the U.S.?
Recent stories have come out showing how the Flame and Stuxnet viruses are connected, that they are some of the most sophisticated malware ever found, and that they could be adapted by other hackers for future attacks.
Now CNet is reporting that senior security specialists are worried about the digital signatures that protect vital systems in key U.S. power plants. Digital signatures are encrypted codes that can be used to verify that messages — or commands — are accurate and sent from approved, authenticated sources. They’re currently used to guard vital infrastructure control computers against unauthorized access.
Stuxnet used faked or illegally obtained digital signatures to avoid detection by anti-virus security software when it was introduced into computers that controlled how Iran was refining uranium. Once in, Stuxnet subtly introduced errors into those processes, damaging the refining equipment and slowing Iran’s bomb-building project.
What if other nations used code based on Stuxnet, together with cracked or stolen digital signatures, to do similar things to the United States? An extreme nightmare scenario could be a rogue nation that shuts down cooling pumps at a power generating station, or misreports temperature and pressure conditions in a reactor core.
This is unlikely, but security specialists are worried enough to be complaining to the North American Energy Standards Board, which develops standards for the energy production industry in the U.S. and Canada. The problem they see is that the digital signatures currently in use to protect access to American power plants’ computers, provided by OATI and GlobalSign, have too long a lifespan: 30 years.
Thirty years is an eon in computer time, and codes that are uncrackable now may very well be crackable in the future.
Other cryptographic algorithms, such as MD5, have already been shown to have security weaknesses. It seems rational to assume that future cryptanalytic techniques will be able to break present-day digital signature technologies — particularly if we ever get a practical, working quantum computer.
The proposed solution is to only issue certificates with a shorter lifespan, perhaps five years. At the very least, this would ensure a security upgrade twice a decade.
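The lifetime argument above is easy to turn into an automated check. The following Go program is an added example, not code from the article or from OATI or GlobalSign: it builds two constructed self-signed certificates with the article's 30-year and proposed 5-year validity periods, then flags any certificate whose validity exceeds an assumed five-year policy cap (`MaxYears`); a real deployment would feed it the DER certificates actually in use.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"math/big"
	"time"
)

// MaxYears is the assumed policy cap: the five-year lifetime the article proposes.
const MaxYears = 5

// newSelfSigned builds a constructed self-signed test certificate valid for the
// given number of years; it stands in for the real signing certificates discussed.
func newSelfSigned(years int) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now().UTC().Truncate(time.Second) // X.509 stores whole seconds, UTC
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    now,
		NotAfter:     now.AddDate(years, 0, 0),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

// ExceedsPolicy parses a DER certificate and reports whether its NotAfter lies more
// than MaxYears after its NotBefore (calendar years, so leap days do not trip it).
func ExceedsPolicy(der []byte) (bool, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return false, err
	}
	return cert.NotAfter.After(cert.NotBefore.AddDate(MaxYears, 0, 0)), nil
}

func main() {
	for _, yrs := range []int{30, 5} { // the current and the proposed lifetimes
		der, err := newSelfSigned(yrs)
		if err != nil {
			panic(err)
		}
		bad, _ := ExceedsPolicy(der)
		println(yrs, "year certificate exceeds policy:", bad)
	}
}
```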
Of course, this is not the only attack vector. The continental electrical grid has already been penetrated by rogue or state-sponsored hackers. A dedicated and massive security effort is urgently needed to ensure that cyber-warfare doesn’t turn out to be the double-edged weapon it certainly resembles now.
Image credit: ShutterStock