What happens if hackers attack the very systems meant to protect Americans from the threat of biological weapons?
This is the question weighing on the Department of Homeland Security as they aim to upgrade their BioWatch program to a new generation of advanced, automated bio-attack detection systems.
BioWatch Gen-3 is described as a “laboratory-in-a-box” that would automatically and continuously analyze air samples and send the results to public health officials over a network. BioWatch, first established in 2003, works with local governments to alert officials to possible attacks. Automation aims to speed up analysis and cut down costs.
The advantages of Gen-3 are clear: It could hypothetically analyze the air to detect an bio-weapon attack within six hours, a potentially life-saving improvement over the current system’s 36-hour window.
But next-generation networked and autonomous detection technology faces challenges from hackers, according to officials from the Department of Homeland Security, the Center for Disease Control, and a new Government Accountability (GAO) report.
An insecure system would be vulnerable to hackers “planting results or shutting systems down,” Homeland Security officials said in the GAO report. A failure to demonstrate network security would undermine confidence in the system as well, the report asserted.
The GAO report recommended against upgrading to the BioWatch Gen-3 chiefly because the “Department of Homeland Security lacks reliable information about BioWatch Gen-2’s technical capabilities to detect a biological attack and, therefore, lacks the basis for informed cost-benefit decisions about upgrades to the system.” DHS plans to make the recommended updates before finally upgrading to Gen-3.
The threat of hackers was widely agreed upon in the report, but there were no specific vulnerabilities in BioWatch disclosed in the report, though it does list general threats against data integrity and system functionality. Networked communication performance and security remains undetermined, the report found, despite having eight years to upgrade the system.
Photo via Julie Lyn / Flickr (CC BY 2.0)