Photo: Vice President Mike Pence
As part of a daylong “cybersecurity summit” held by the U.S. Department of Homeland Security on July 31 in New York City, Vice President Mike Pence stressed in a speech that “America’s digital infrastructure is under constant cyberattack” and that “our digital foes are targeting every facet of our society,” including the nation’s energy and transportation infrastructure.
“Criminal terrorists, foreign adversaries constantly prowling this digital domain represent a threat to this nation,” he said in his prepared remarks. “The federal government alone experiences hundreds of thousands of digital assaults every day. And across the entire country, the number of attacks on our digital infrastructure is impossible to calculate.”
Pence noted that “America depends on the digital world more with every passing day, as all the industry leaders here know too well” but that the nation’s cyber adversaries “seek to infiltrate our critical infrastructure, including our electrical grid, power stations, so that in some future conflict they might have the opportunity to shut down the nerve center of American energy and our national life.”
He noted that cyber attackers also go after municipal governments, such as when criminal hackers hobbled the city of Atlanta back in March, crippling many basic services for days and keeping up to 30 percent of the city’s computer systems offline thru June – costing more than an estimated $11 million to fix, according to a news story.
Pence added that cyber attackers are targeting the transportation elements serving the U.S. economy as well. “A single Russian malware attack last year cost a major American shipping company roughly $400 million,” he said in his speech.
As a result, Pence noted that the formation of new cyber-focused government agencies – such as the Cybersecurity and Infrastructure Security Agency and National Risk Management Center, both housed within DHS – along with more collaboration with private sector groups will be needed, especially as the costs of cyberattacks continues to grow.
“In 2016, it is estimated cyberattacks cost our economy as much as $109 billion,” he said. “The truth is, cybersecurity is unlike any challenge we’ve ever faced. Technologies are shifting by the minute, from the Internet of Things to 5G to artificial intelligence to quantum computing, and each advance is accompanied not only by new opportunities, but new challenges. And just as the threats are evolving, our defenses, too, must evolve. It is a work that’s never done. It is a process that is continuous. And so must our collaboration be.”
Transportation-focused groups also recognize the need is increasing for broader collaboration to face down the growing danger of cyberattacks.
“What we often don’t talk about is the clear and present danger that cybersecurity poses for our country as a whole,” Shailen Bhatt, president and CEO of the Intelligent Transportation Society of America, explained in a separate interview with the AASHTO Journal. “Now, I am not saying just for transportation, but unless we get the cybersecurity issues figured out, there are opportunities for individual actors or even state-sponsored terrorism to have impacts on our transportation networks.”
Bhatt, who is a former director of the Colorado Department of Transportation, added that “we are very ‘siloed’ in transportation: ‘I am transit agency, a state DOT, a municipal planning organization, or I am a city, a county, a state, or a Fed.’ Hackers don’t care that one agency is the regional transportation transit authority and the other is a state DOT. They will find one vector in and then they will look to spread.”
As a result, state DOTs can really no longer think that their cybersecurity concerns “stop at my domain,” Bhatt emphasized, because “you may be getting information from a camera that is not yours; data from a sensor that does not belong to you. There may be many aspects of your system that you share with others.”
In the end, while he stressed that “I don’t want to overstate it and say ‘the sky is falling,’” Bhatt said state DOTs “need to be very clear-eyed about what the cybersecurity challenges are. I would say the time is right to now to be taking steps to ensure the security of our systems [because] we will have a cybersecurity attack on our system, so we need to be prepared now to how we deal with that and how we deal aftermath so the American public does not lose confidence in technology.”