Last month there were several reports of cyber attacks on water treatment plants ( Houston, TX and Springfield, IL come immediately to mind). The Springfield incident turned out to be a major miscommunication, but the Houston attack is holding strong and at least three other attacks have been confirmed by the FBI. These attacks were so real, in fact, that Michael Welch, deputy director of the FBI’s Cyber Division, recently announced that the FBI will be increasing its cyber budget by roughly 12%. Here’s a recap from Sophos’ Naked Security blog:
At a recent security conference Michael Welch, the deputy assistant director of the FBI’s Cyber Division, gave a speech where he discussed the issue of SCADA security.
Information Age magazine reported on his speech and quoted Welch as saying:
"We just had a circumstance where we had three cities, one of them a major city within the US, where you had several hackers that had made their way into SCADA systems within the city."
… It’s great that Welch acknowledges the work we have to do in this area and even went so far as to suggest the FBI will double the size of their Cyber division in the next 12 to 18 months.
Sound too good to be true? Then it probably is.
A story on PoliceLedIntelligence.com shows the FBI’s budget for Cyber will increase by $19.6 million, or approximately 12 percent.
The majority of the funding increase will be used to expand their operation from 8 hours/5 days to 24 hours/7 days.
They even explained this to Congress, justifying their need for the funds:
"Because threat actors operate globally, a significant volume of cyber threat activity occurs outside of normal business hours."
Read the whole article >>>
It might not be as much of an increase as Sophos would like to see, but at least it’s something. And our next Testing The Limits guest can attest to the woefully inadequate state of cyber security these days. Here’s a little sneak peek at what he has to say on the topic:
“As a rule I stay away from “the sky is falling” scenarios, but since you asked. By 2015 the overall threatspace will be ten times worse than it is today. Think about that. There will be TEN breaches as critical as the RSA attack. There will be TEN Google Aurora’s. There will be TEN Stuxnets. There will be 300 thousand new malware variants a day. ”
We’ll post the next Testing The Limits guest interview later this week, so check back then to find out who our security expert is!