Ethical Hackers Defend US Water Systems in Project Franklin
In the United States, a groundbreaking initiative has been launched to bolster the cybersecurity of critical infrastructure through the expertise of ethical hackers. Six water utilities from various states have granted specialists access to their IT systems, enabling them to identify vulnerabilities and propose effective solutions.
The project, known as Franklin, was unveiled at the DEF CON conference and is aimed at safeguarding vital systems against cyberattacks. As DEF CON founder Jeff Moss explained, the program not only strengthens resilience to threats but also lays the groundwork for an annual Hacker Almanac, which will compile best practices for training professionals in the field.
The initiative is being carried out in collaboration with the University of Chicago and the National Rural Water Association (NRWA). Experts are assessing the defenses of water utilities in Utah, Vermont, Indiana, and Oregon, identifying weaknesses, and imparting their knowledge to the companies involved. According to Moss, the primary goal is to harness the skills of hackers for public benefit, transforming short-term efforts into enduring programs.
Project Director Paul Chang highlighted the unique challenges of the water sector, which comprises approximately 50,000 suppliers across the country, each employing distinct IT solutions. Volunteers in the program are working alongside the technical staff of these utilities, helping them adapt their systems to better withstand cyber threats.
Amid a surge in attacks on critical infrastructure, including water systems, experts emphasize the project’s significance. Such facilities are increasingly becoming targets in cyber warfare. Chang expressed hope that the program’s efforts will draw the attention of policymakers and foster collaboration to address these pressing issues.
The NRWA pointed out that about 91% of U.S. water systems serve small communities with populations under 10,000, making them particularly vulnerable to cyberattacks. This new initiative aims to equip such utilities with the tools needed to assess and mitigate risks effectively.
The project brings together volunteers with diverse backgrounds, ranging from students to seasoned veterans with over 30 years of experience, united by their enthusiasm and commitment to protecting critical systems from cyber threats. Experts are confident that such efforts will not only enhance the security of individual companies but also fortify the entire industry against future challenges.
