That's from a piece written by Jim Finkle and published yesterday by Reuters. In it, Finkle shares how cybersecurity researcher HD Moore was able to access control of 30 pipeline sensors around the United States that had no password protection. The difference between "rational" and "irrational" actors is that the former - other nations with the resources to manifest chaos through wide-spread hacking - are unlikely to act in a way that would surely result in some level of retaliation. Rather, independent actors and activist groups that are flying under the radar are of greater concern to those interviewed for the story.
It's a great read - and one that highlights the need to review the security of all networked devices. Web-facing power generators, dams, chemical plants, medical equipment and industrial controls are discoverable - in many cases, easily discoverable. Many of these devices and controls are vulnerable simply because security was not as much of a concern at the time they were developed as it is today.
From the article:
"House Intelligence Committee Chairman Mike Rogers said terrorists are among the groups looking to acquire the capability to launch a cyber attack on U.S. infrastructure, but he believes they do not yet have that ability. 'You get the right person with the right capability committed to this and it's a game changer,' Rogers told the Summit. 'My concern is it's just a matter of time.'"
Read the complete article: "'Irrational' hackers are growing U.S. security fear" at Reuters