• 23 hours Shell Oil Trading Head Steps Down After 29 Years
  • 1 day Higher Oil Prices Reduce North American Oil Bankruptcies
  • 1 day Statoil To Boost Exploration Drilling Offshore Norway In 2018
  • 1 day $1.6 Billion Canadian-US Hydropower Project Approved
  • 1 day Venezuela Officially In Default
  • 1 day Iran Prepares To Export LNG To Boost Trade Relations
  • 1 day Keystone Pipeline Leaks 5,000 Barrels Into Farmland
  • 2 days Saudi Oil Minister: Markets Will Not Rebalance By March
  • 2 days Obscure Dutch Firm Wins Venezuelan Oil Block As Debt Tensions Mount
  • 2 days Rosneft Announces Completion Of World’s Longest Well
  • 2 days Ecuador Won’t Ask Exemption From OPEC Oil Production Cuts
  • 2 days Norway’s $1 Trillion Wealth Fund Proposes To Ditch Oil Stocks
  • 2 days Ecuador Seeks To Clear Schlumberger Debt By End-November
  • 2 days Santos Admits It Rejected $7.2B Takeover Bid
  • 3 days U.S. Senate Panel Votes To Open Alaskan Refuge To Drilling
  • 3 days Africa’s Richest Woman Fired From Sonangol
  • 3 days Oil And Gas M&A Deal Appetite Highest Since 2013
  • 3 days Russian Hackers Target British Energy Industry
  • 3 days Venezuela Signs $3.15B Debt Restructuring Deal With Russia
  • 3 days DOJ: Protestors Interfering With Pipeline Construction Will Be Prosecuted
  • 3 days Lower Oil Prices Benefit European Refiners
  • 3 days World’s Biggest Private Equity Firm Raises $1 Billion To Invest In Oil
  • 4 days Oil Prices Tank After API Reports Strong Build In Crude Inventories
  • 4 days Iraq Oil Revenue Not Enough For Sustainable Development
  • 4 days Sudan In Talks With Foreign Oil Firms To Boost Crude Production
  • 4 days Shell: Four Oil Platforms Shut In Gulf Of Mexico After Fire
  • 4 days OPEC To Recruit New Members To Fight Market Imbalance
  • 4 days Green Groups Want Norway’s Arctic Oil Drilling Licenses Canceled
  • 5 days Venezuelan Oil Output Drops To Lowest In 28 Years
  • 5 days Shale Production Rises By 80,000 BPD In Latest EIA Forecasts
  • 5 days GE Considers Selling Baker Hughes Assets
  • 5 days Eni To Address Barents Sea Regulatory Breaches By Dec 11
  • 5 days Saudi Aramco To Invest $300 Billion In Upstream Projects
  • 5 days Aramco To List Shares In Hong Kong ‘For Sure’
  • 5 days BP CEO Sees Venezuela As Oil’s Wildcard
  • 5 days Iran Denies Involvement In Bahrain Oil Pipeline Blast
  • 8 days The Oil Rig Drilling 10 Miles Under The Sea
  • 8 days Baghdad Agrees To Ship Kirkuk Oil To Iran
  • 8 days Another Group Joins Niger Delta Avengers’ Ceasefire Boycott
  • 8 days Italy Looks To Phase Out Coal-Fired Electricity By 2025
Alt Text

Are Electric Cars As Clean As They Seem?

Electric cars are set to…

Alt Text

Aramco Board Targeted In Anti-Corruption Crackdown

Saudi Arabian officials made a…

Spies, Hackers and Energy - Preventing a Digital Pearl Harbor

Spies, Hackers and Energy - Preventing a Digital Pearl Harbor

As the Obama Administration attempts to push some heavy-handed cyber security bills through the House that would further chip away at privacy, officials are painting a very bleak picture of America’s vulnerability to a “Digital Pearl Harbor”.

Media reports note that “foreign spies and organized criminals are inside virtually every U.S. company’s network”, and that “our infrastructure is being colonized”. 

The logic of the bills, six of them in all, is to enforce cooperation from companies and private individuals, particularly those operating power plants, chemical facilities, and communications systems. The underlying theory is that the government must step in to protect the private sector in the name of national security.

The Cyber Intelligence Sharing Protection Act, for instance, attempts to provide incentives for corporations that control critical energy, financial and communications infrastructure, offering tax breaks in return for sharing intelligence about possible attacks with the government.  A clause stipulates that any non-crucial private data from customers would be erased before handing information over. Another bill that rivals this one proposes mandating information sharing through government regulation – minus the incentives package.

Civil liberties groups are highly critical of the bills because of the implications for privacy. The Intelligence Community has also been critical – for them the issue is that they can’t govern cyberspace and simultaneously protect privacy and the rights of big business. They say the bills are irrelevant.

The private sector, for its part, does not want government protection. Business groups, including the US Chamber of Commerce, are opposed to the new cyber security laws, claiming they would lead to an increase in costs for business without a clear reduction of associated risks – a short-term argument that ignores the mounting losses to business especially over the past two years due to cyber attacks. 

According to FBI Director Robert Mueller, there are only two types of companies: “those that have been hacked, and those that will be.”

Howard Schmidt, special assistant to U.S. president Barack Obama and White House cybersecurity coordinator, is tasked with modernizing and guarding America’s cyberspace. He was also George W. Bush’s cybersecurity expert. Speaking at Bloomberg’s 2012 Cybersecurity Conference on 20 April, Schmidt lobbied for the new cyber security bills, stressing that there has been a clear escalation of cyber attacks on critical infrastructure, with around 200 attempts in 2011 – five times the amount in 2010.

So who are the real enemies?

There are hackers and there are hacktivists, and it is an important distinction, even if the government does not think so.

The biggest name in “hacktivism” today is Anonymous, which has attacked censorship proponents, hit back at Wikileaks’ enemies, and taken on the Church of Scientology, credit card companies and the bank of America, while at the same time dabbling in Middle East rebellions.

The NSA has in recent weeks and months spread fears that Anonymous could launch a cyber attack on critical US energy infrastructure and force a “limited blackout”. In late February, the NSA warned of the group’s developing capabilities, referring in particular to an alleged plan for a global internet outage on 31 March (which didn’t happen). Through its Twitter account, the group noted that it had no such plans and that such plans went against its principles, as it would affect the people it is trying to protect through its “hacktivism”. In fact, Anonymous probably does more to protect the internet than to destroy it when all is said and done.

Is Anonymous a threat to US national security? Perhaps, on some level, but not in the way that the NSA would have us believe. They will not target US energy infrastructure. It is not in their interest, nor does it jive with their overall objectives, which focus on freedom of information. What they can do, however, is make the US Intelligence Community look bad and ill-prepared. (In July last year, the group attacked government contractor Booz Allen Hamilton and a cache of 90,000 military emails and passwords causing a significant security problem for the Department of Defense.)

There is also a host of smaller, perhaps less serious and dubiously principled “hacktivist” groups, some of whom seem to be at war with each other. These smaller groups, on their own, may not yet have the capabilities to attack critical energy infrastructure, but their lack of clear motivations, sometimes very personal agendas and thoughtless prankster attitudes render them greater threats than Anonymous simply due to unpredictability. Among them are Lulzsec, which appears to have joined forces with Anonymous, and Web Ninjas, which appears to be a direct rival of Anonymous and may have been involved in helping to take down Wikileaks.

Also of note are a few lone wolfs, such as Lebanese hacker “Idahc”, who appears to be focused singularly on Sony – for now.

The real threat to US energy infrastructure from the cyber theater is China and Russia, both of whom are believed to be developing cyber warfare methods capable of dealing a major blow to critical infrastructure.

According to Franz-Stefan Gady, writing for the EastWest Institute, “the real danger to a country's economy arises from advanced persistent threats (APTs) - highly sophisticated and long-planned intrusions often executed with state sponsorship,” which threatens high-value technology and energy assets.

Experts estimate that the number of engineers in the US is equivalent to the number of “cyber jedis” in China, and that they have immense capabilities for hacking governments and companies in the West.

Paul Rosenzweig, former deputy secretary with the Department of Homeland Security, equates the mapping of critical energy and water infrastructure, for instance, to “preparation of the battlefield”. China, he opines, could easily warn the US not to interfere in Taiwan by threatening to “take out the electricity supply in Los Angeles.”

Russia and China have already “done the reconnaissance necessary to plan to attack US critical infrastructure," Jim Lewis, from the Center for Strategic and International Studies in Washington, told reporters.  "You might think we should put protection of critical infrastructure at a slightly higher level. It is completely vulnerable. It is totally unprotected."

Time to Choose: Privacy or Security

Meanwhile, as the House considers new cyber security laws, it becomes clear that the debate must be reframed. There is a price we have to pay for the luxuries of the cyber world – a trade-off for being connected to everyone and everything. It is no longer possible to frame this debate as along distinctly privacy-versus-security lines. We gave up our privacy and opened a Pandora’s Box of security threats when we embraced the cyber world – that world of instant gratification, human connection and convenience. 

Big business is concerned only about the bottom line – profits. Privacy advocates are concerned only about being able to make full use of this cyber world without losing control of personal data. The US Intelligence Community is only concerned about removing barriers to the collection and sharing of intelligence on possible national security risks among agencies.

The fact is, in an escalating cyber war theater, businesses lose out to security breaches; hackers pose a greater threat to personal privacy than the FBI, CIA and NSA; and the Intelligence Community has lost the competitive advantage to deal with cyber threats. This is an untenable situation, and the rival objectives will make it very difficult to prepare for cyber attacks on the level predicted.

Everything is about balance, and Anonymous perhaps exists as part of this necessary balance. Neither security threats nor privacy threats can be allowed to overbalance the equation. This means that the public must decide now how much it is willing to risk and what manner of risk they are willing to accept in return for harnessing the power of the cyber world. Privacy may be a thing of the past, unless you forge it in your own terms and mold it to your own desires. More than anything, it is the public that needs to rethink its cyber activities. If the public cannot come to terms with security-versus-privacy issues, it always has the freedom of choice to disengage. Outside the cyber world, privacy still exists. It’s a choice. 

By Jen Alic of Oilprice.com

Jen Alic is a geopolitical analyst, co-founder of ISA Intel in Sarajevo and Tel Aviv, and the former editor-in-chief of ISN Security Watch in Zurich.




Back to homepage


Leave a comment

Leave a comment




Oilprice - The No. 1 Source for Oil & Energy News