Joe Uchill Feb 19
SaveSave story

Trump infrastructure rush risks cybersecurity disaster

street construction signs
Construction work signs are stacked against a fence in Miami-Dade County in 2015. Photo: Joe Raedle / Getty Images

President Trump's infrastructure plan encourages states to "incorporate new and evolving technologies" into their proposals, but does not require any form of cybersecurity for those technologies. Experts say that might set states on the path to disaster.

The bottom line: "These plans are not just about putting down pavement. 21st century infrastructure is networked," said Richard Harknett, a University of Cincinnati professor that recently served as scholar-in-residence at the NSA and U.S. Cyber Command.

Flashback: Criminals have already wreaked havoc on current, less-networked infrastructure. In 2016, an attacker installed ransomware on the San Francisco Municipal Railway. As a result, the public transit system was unable to charge for rides for a weekend.

Details: Trump has touted his $200 billion infrastructure plan as a mechanism to generate more than a trillion dollars in investment. The Trump proposal includes a $100 billion incentive program rewarding proposals "incorporat[ing] new and evolving technologies." There is no requirement to evaluate the cybersecurity of any new technology used.

Advantages of modern infrastructure: The state-of-the-art in infrastructure uses data to become more efficient. Take transit for example:

  • Sensors will pick up data on things like congestion or weather, allowing for big data analysis to help optimize traffic by changing traffic light patterns.
  • Cars will communicate with traffic lights and signs to help drivers know when to stop.
  • There will be benefits to traffic, safety, fuel efficiency, and noise.

Yes, but: "Cities do a lot of functionality testing to make sure things work right, but do very little security testing," said Caesar Cerrudo, chief technology officer for the security firm IOActive. Cerrudo is known for showing how to hack traffic light sensors already in use by many large American cities.

  • If hackers are able to tinker with any aspects of a smart system, they can more than negate any safety or efficiency boost.
  • Such tinkering could also trick sensors and manipulate traffic flows through intersections.
  • A cleverly constructed series of traffic jams, for example, could do serious harm to an economy.
  • Toying with weather sensors could cause a system to suggest caution during a perfectly sunny day or, worse, not suggest caution during a freeze.

That doesn't mean it's not worth doing. Businesses have high hopes for replacing crumbling infrastructure that impedes national and international trade. "It's time to invest in a 21st century infrastructure, a system of infrastructures to support and grow a 21st century economy," said Tom Donohue, president of the U.S. Chamber of Commerce, at a speech in January.

But there are concerns to address: Cybersecurity experts say it's much cheaper and effective to address cybersecurity concerns before a major infrastructure project starts. "This is the time to address it, before the shovels hit the ground," said Harknett.

Jonathan Swan 2 hours ago
SaveSave story

McMaster out, Bolton in as National Security Adviser

Bolton. Photo: Drew Angerer/Getty Images

H.R. McMaster plans to resign and will be replaced as national security adviser by former U.N. ambassador John Bolton. The White House said McMaster's departure had been under discussion for some time and that the process was sped up to end speculation about the role. McMaster will stay on until mid-April.

Bottom line: This isn’t about ideology — unlike Trump, Bolton is hawkish and interventionist on foreign policy. This is about personal chemistry. 

Khorri Atkinson 23 mins ago
SaveSave story

China slaps reciprocal tariffs on U.S. imports

China's President Xi Jinping speaks next to President Trump. Photo: Nicolas Asfouri// AFP / Getty Images

China announced plans to impose reciprocal tariffs on $3 billion of imports from the U.S., hours after President Trump ordered levies on a range of Chinese goods.

The details: China's plan includes a 25% tariff on U.S. pork imports as well as 15% tariffs on American steel pipes, fruit and wine, according to Bloomberg.

Go deeper: Axios' Jonathan Swan explains the coming trade war.