Cybersecurity

In the Age of Cybercrime, the Best Insurance May Be Analog

Old-fashioned mechanical systems, plus humans, may help avert catastrophic breaches.

Provide news feedback or report an error

Confidential tip?

Send a tip to our reporters

Site feedback:

Take our Survey

By David Sax

March 10, 2016 at 11:44 PM UTC

Corrected

March 11, 2016 at 3:35 PM UTC

This article is for subscribers only.

This article is part of the March 14, 2016 issue of businessweek.

Right before Christmas, two power companies in Ukraine were simultaneously targeted in what’s now regarded as the world’s first successful cyber attack on a public utility. The hackers (most likely Russians) knocked out electricity to more than 80,000 customers for several hours. Luckily, Ukraine’s power grid is somewhat antiquated, and authorities were able to restore electricity in a few hours by resetting breakers by hand. The lesson: In the age of cybercrime, the best insurance may be analog.

As we’ve rushed to connect everything from power plants to home thermostats to the Internet, the risk of a catastrophic cyber attack has multiplied, because the systems people rely on are now more complex, communicative, and concentrated. “You’re buying a capability, but at the same time you’re buying a vulnerability,” says Richard Danzig, former secretary of the Navy and a senior fellow at the Johns Hopkins Applied Physics Lab. “A digital attacker can take out all systems with one attack.” That’s why Danzig recommends deploying physical backup hardware in the most vulnerable places of the U.S. power grid, military installations, and other key infrastructure. “My argument is that, if your main system is digital, you’re stronger if your safeguard is analog.”