In the age of rampant cyber threats, securing national infrastructure has become priority number one. But the most recent measure from Washington to this end was surprising to nearly all observers.
First, a breakdown of the problem:
Critical infrastructure in the United States, such as electrical grids, nuclear power facilities, and communications, have proven rather vulnerable to cyber attacks—even from relatively unadvanced adversaries. The reason for this is because most of these systems were developed without cyber security in mind as most were never supposed to be connected to the Internet. Hooking critical infrastructure to the net makes things easier and more efficient, but also exposes it to a myriad of cyber threats.
According to many policymakers, the solution is simple: Go retro.
Rather than bringing in new technology to secure the current systems, critical infrastructure should use analog and manual technology to isolate the grid’s most important control systems. This, according to advocates, will limit the potential damage of a large-scale attack.
Enter the Securing Energy Infrastructure Act (SEIA), Congress’s new plan, three years in the making, for securing national infrastructure.
The strategy proposed by SEIA does not call for revamping infrastructural systems per se, but rather adding what policymakers have dubbed “low-tech redundancies,” i.e., manual procedures controlled by humans. This means that in order to execute certain high-risk commands, there will be an additional procedure that will have to be done by an operator physically on-site.
“This approach seeks to thwart even the most sophisticated cyber-adversaries who, if they are intent on accessing the grid, would have to actually physically touch the equipment, thereby making cyberattacks much more difficult,” said a press release from the office of Independent Senator Angus King, after the SEIA passed the Senate floor.