A team of researchers at Massachusetts Institute of Technology (MIT) have levied a series of recommendations to the Trump administration in order to help shore up cybersecurity efforts in the U.S.’s critical infrastructure.
The MIT researchers say that for far too long the government has taken a haphazard approach to dealing with cybersecurity when it comes to the nation’s infrastructure and because hackers have become more inventive and disruptive it represents a threat to national security.
The recommendations include developing a coherent cybersecurity plan that coordinates efforts across departments, encourages investment and removes key parts of the infrastructure like the electric grid from the internet. The plan also recommends changes in tax law and regulations to incentivize private companies to improve security of their critical infrastructure—something that is currently not being addressed in the leaked proposed executive order on cybersecurity.
“The nation will require a coordinated, multi-year effort to address deep strategic weaknesses in the architecture of critical systems, in how those systems are operated, and in the devices that connect to them,” MIT states in the recommendation. “But we must begin now. Our goal is action, both immediate and long-term.”
The 50-page report, entitled “Making America Safer: Toward a More Secure Network Environment for Critical Sectors," MIT outlines seven challenges that would help reduce the risk of cyberattacks in electricity, finance, communications and oil/natural gas.
Researchers have organized a series of workshops aimed at looking deeper at cyber vulnerabilities highlighting the risk at different sectors and the return on investment for specific cybersecurity measures. The concern comes amid facility-directed attacks such as the Stuxnet virus—a computer worm that targets industrial control systems such as power plants and dams—and the sabotage of a Saudi oil refinery.
The concerns from MIT about the dangers that these operations connected to the internet have echoes concerns that were raised in a Department of Energy report that was published in January.
“Our recommendations complement their attention to federal systems,” said Joel Brenner, principal author of the report and former inspector general of the National Security Agency and head of U.S. counterintelligence in the Office of the Director of National Intelligence. “Our current cyber insecurity is a national disgrace, and we must defend the networks that the safety of our nation depends on.”