In­spec­tor gen­eral: 2 U.S. dams at risk of ‘in­sider threats’

Yuma Sun - - NATION / WORLD -

SACRAMENTO, Calif. — Two dams crit­i­cal to U.S. na­tional se­cu­rity are at high risk for “in­sider threats” that could im­pair oper­a­tions be­cause of poor com­puter se­cu­rity prac­tices such as too many em­ploy­ees hav­ing ac­cess to ad­min­is­tra­tor ac­counts and fail­ures to rou­tinely change pass­words, ac­cord­ing to a new in­spec­tor gen­eral re­port.

An eval­u­a­tion re­leased Mon­day by the U.S. Depart­ment of the In­te­rior doesn’t name the two dams, and spokes­woman Nancy DiPaolo cited na­tional se­cu­rity con­cerns. But they are among five dams op­er­ated by the U.S. Bureau of Recla­ma­tion that are con­sid­ered “crit­i­cal in­fra­struc­ture,” mean­ing their destruc­tion or im­pair­ment could hurt na­tional se­cu­rity. Those five dams are Shasta and Fol­som Dams in Cal­i­for­nia, Glen Canyon Dam in Ari­zona, Grand Coulee Dam in Wash­ing­ton and Hoover Dam, which strad­dles Nevada and Ari­zona.

The United States and other coun­tries have ac­cused Rus­sian hack­ers of try­ing to in­fil­trate crit­i­cal in­fra­struc­ture such as power plants, el­e­vat­ing the sen­si­tiv­ity around mak­ing sure U.S. sys­tems are se­cure.

The in­spec­tor gen­eral’s re­port found the two dams are at low-risk of out­side cy­ber in­fil­tra­tion — but at high risk of threats from within. They’re run re­motely through a com­puter sys­tem that con­trols gen­er­a­tors, valves and gates at the dams from a U.S. Bureau of Recla­ma­tion oper­a­tions cen­ter. The agency dis­puted some of the find­ings.

Among the fac­tors cited as se­cu­rity risks: Too many peo­ple have ac­cess to ad­min­is­tra­tive ac­counts, em­ploy­ees aren’t chang­ing their pass­words of­ten enough, ac­count ac­cess isn’t al­ways revoked when em­ploy­ees leave, and the agency isn’t con­duct­ing ro­bust enough back­ground checks for em­ploy­ees with high-level priv­i­leges. For ex­am­ple, the eval­u­a­tion found nine of 30 ad­min­is­tra­tor ac­counts hadn’t been used in more than a year.

The re­port char­ac­ter­ized the is­sues as “sig­nif­i­cant con­trol weak­nesses that could be ex­ploited by in­sid­ers.”

Ad­min­is­tra­tive ac­cess would give an em­ployee the abil­ity to com­pro­mise the sys­tem by in­stalling mal­ware to dis­rupt dam oper­a­tions, in­stalling back-door ac­cess for oth­ers, delet­ing or mod­i­fy­ing cru­cial pro­grams, re­vok­ing ac­cess for oth­ers and delet­ing or mod­i­fy­ing con­trol logs to “con­ceal ma­li­cious ac­tiv­ity,” ac­cord­ing to the re­port.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.