Critical Infrastructure: Control Systems and the Terrorist Threat [Updated July 14, 2003] [open pdf - 94KB]
"Much of the U.S. critical infrastructure is potentially vulnerable to cyber-attack. Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority. Industry sectors potentially affected by a cyber-attack on process control systems include the electrical, telephone, water, chemical, and energy sectors. The federal government has issued warnings regarding increases in terrorist interest in the cyber-security of industrial control systems, citing international terrorist organization interest in critical infrastructure and increases in cyber-attacks on critical infrastructure computer systems. The potential consequences of a successful cyber-attack on critical infrastructure industrial control systems could be high and range from a temporary loss of service to catastrophic infrastructure failure affecting multiple states for an extended duration. The National Strategy for Securing Cyberspace, released in February 2003, contains a number of suggestions regarding security measures for control systems. A focus on the further integration of public/private partnerships and information sharing is described, along with suggestions that standards for securing control systems be developed and implemented."
CRS Report for Congress, RL31534
Maxwell-Gunter Air Force Base: http://www.au.af.mil/