How to hack a power station: critical infrastructure, and new norms for cyber

Critical infrastructure is on the front line of cybersecurity.

An attack on power, sanitation, healthcare, or even the banking system, could be catastrophic. But it could happen.

Back in the 1990s, ethical hacker Joe Carson was already concerned about how a power outage could disrupt medical services. Then, it was the Y2K bug that worried the experts.

Today it is state sponsored actors. Security experts worry that nation states are, if not actually attacking critical infrastructure, carrying out deep reconnaissance.

Now the chief security scientist and advisory CISO at Thycotic, Carson has pitted himself against CNI’s defences, and found them wanting. This makes it all the easier for adversaries to target key infrastructure, and potentially, even put lives at risk.

In a followup to our previous episode, looking at the risks of cyber war, we go deeper into the issue of protecting critical infrastructure. How vulnerable are these systems, and what are the consequences of a cyber attack?

Can, and should, we do more to create practices and norms to protect these vital services? And is international cooperation a realistic possibility?

In this episode, Carson shares his personal experiences, including an explanation of how he hacked into a power station.

Thycotic's Joe Carson
Guest for this episode, Joe Carson, is an industry veteran who has monitored the threats to CNI since the 1990s.

Image by Evgeni Tcherkasski from Pixabay. Stock Image: the facility shown is not associated with the commentary in this episode.