B.C. researcher evaluates cyber attack vulnerabilities

VANCOUVER — Attendees at the 2003 edition of the ASI Exchange in Vancouver on Tuesday heard that Canada’s critical infrastructure is at risk from cyber attacks and malicious code.

One of the spotlight speakers at the event, Eric Byres is the manager of the Internet Engineering Lab in the

Technology Centre at the British Columbia Institute of Technology. Byres is conducting research into the risk posed by cyber attacks for the infrastructure critical to our way of life, like the power generation and distribution system , and how it can be better protected.

Security isn’t new to these companies; they’ve always been on guard against someone trying to blow up a power dam, for example. However, Byres says cyber attacks are something many companies haven’t considered before.

“There’s the possibility of a cyber terrorist getting into their industrial control systems via the Web, and wreaking havoc just like a bomb would,” says Byres. “We’re doing a lot of research in that area on what the risks are and what the solutions are.”

They’ve created the Industrial Incident Security Database, the only database Byres is aware of that tracks cyber attacks that impact the safety or operations of an industrial site, and he says the statistics show about 70 per cent of the attacks are by insiders.

“It’s disgruntled employees or ex-employees, people with an axe to grind that have some knowledge of the systems,” says Byres. “Most of the other 30 per cent are the script kiddies, bored teenagers who see this as a challenge, like doing the New York Times crossword puzzle is for some of us.”

It’s only a tiny fraction of the attacks so far, but possibly the most concerning are attacks from political groups. Byres notes that during the Pakistan/India border flare-up last year, the number of cross-border cyber attacks went up by at least an order of magnitude.

He says it’s not known whether the attacks were by state-sponsored specialists or just enthusiastic amateurs, but when there’s hostilities between countries there’s definitely an increase in cross-border attacks.

“You’ll have to ask the CIA who’s behind them,” jokes Byres.

The oil and gas and power sectors are doing a pretty good job of protecting their systems from attack, while the chemical industry and manufacturing sector still has some work to do. However, Byres says while many companies are doing their best there simply aren’t many answers for them yet.

“We’re doing a very detailed analysis of the communications protocols that these systems use, to deconstruct these Supervisory Control and Data Acquisition (SKADA) protocols,” says Byres.

“We’re trying to see if there’s problems or flaws in these prot

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Jeff Jedras
Jeff Jedras
Jeff Jedras is a technology journalist with IT World Canada and a member of the IT Business team. He began his career in technology journalism in the late 1990s, covering the Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal. He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada and the channel for Computer Dealer News. His writing has also appeared in the Vancouver Sun & the Ottawa Citizen.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs