When U.S. politicos want to exaggerate the dangers of international cyber-terrorism, they raise the specter of Chinese spies taking out the U.S. electrical grid, or Russian programmers hacking into our missile defense system. But those fears don’t seem so far-fetched now that The Wall Street Journal is reporting that Iranian hackers gained access to the control system of a New York City dam in 2013.
The Dec. 21 report described how the shadowy Iranian group accessed the control system at the Bowman Avenue Dam, 20 miles away from the city. So far, the hack remains unconfirmed and classified, if true.
Security experts say the hack could have been worse, despite the fact that it took investigators two years to discover the origins of the hack. Computer analysts discovered that hackers had accessed a “Bowman” dam, but there are 31 dams with that name in the U.S., including a 235-foot dam in Oregon. The New York Bowman Dam is just a 20-foot structure, tiny by dam standards.
Many computer experts have raised concerns about the safety of U.S. infrastructure in the face of cybercrimes like espionage and even terrorism, especially as so many more public and private organizations migrate to the cloud.
As of 2015, about 35% of all IT services are delivered via the cloud, while major federal agencies like the Federal Aviation Administration have begun moving to cloud networks this past year. Because of the growing demand for tighter digital security, the market for cloud-based security services is projected to hit $8.71 billion by 2019.
Iranian hackers linked to the country’s government have infiltrated U.S. websites in the past. Previously, Iran fell victim to the most sophisticated computer attack in known history, when a suspected U.S. computer virus disabled sensitive centrifuges at an Iranian nuclear enrichment site.
The 2013 New York hack heightened these tensions, and the WSJ reported that concerns over the incident went as high as the White House. Already, the 2016 U.S. presidential race has included debates over the proper response to cyber espionage, as well as the best way for federal officials to conduct business online.