It’s called the “Dark Side” because the 50 workers there prefer to keep the lights low so they can dim the brightness on their computer screens.
Or maybe it’s because of what they do in cyber research and development.
Questions about exactly what goes on at the heart of one of the United States’ primary cybersecurity facilities at the Idaho National Laboratory aren’t always answered, and photos by outsiders aren’t allowed.
What is shared is that the U.S. is rushing to catch up with what cybersecurity experts say are threats by hackers to systems that operate energy pipelines, hydroelectric projects, drinking water systems and nuclear power plants across the country. Hackers opening valves, cutting power or manipulating traffic lights, for example, could have serious consequences.
Scott Cramer, who directs the lab’s cybersecurity program, said current efforts mostly involve “bolting on” cybersecurity protections to decades-old infrastructure control systems amid concerns they’ve already been infiltrated by malicious entities waiting for the opportune time to strike.
Learn More at SecurityWeek’s ICS Cyber Security Conference
“This is no joke — there are vulnerabilities out there,” he said. “We’re pretty much in reaction mode right now.”
The Idaho National Laboratory is mainly known as the nation’s primary lab for nuclear research. But in the past decade, its cybersecurity work has put it on the leading edge there as well, and it’s expanding.
A new 80,000-square-foot (7,400-square-meter) building called the Cybercore Integration Center will hold 20 laboratories and 200 workers. Another 67,000-square-foot (6,200-square-meter) building called the Collaborative Computing Center will house one of the nation’s most powerful supercomputers. They are expected to be finished next fall at a cost of about $85 million.
“We’re almost out of space, and we’re hiring like mad,” Cramer said. “So having that (integration center) building in a year is going to be incredible for us.”
The lab’s focus is on what are called critical infrastructure control systems, as opposed to cybersecurity systems intended to protect information, such as banking or personal health records.
Its employees work to prevent threats like one that occurred in 2013, in which the Justice Department said seven Iranian hackers working at the behest of the Iranian government gained access to the controls of a dam in the suburbs of New York City. Prosecutors said the hackers would have been able to remotely access the dam’s gate, but it was disconnected at the time for maintenance. Prosecutors in an indictment made public in 2016 called it a “frightening new frontier in cybercrime.” The hackers remain wanted by the FBI.
The Dark Side room is in one of multiple buildings in Idaho Falls that house the lab’s cybercore, a division within National and Homeland Security. It’s decorated with workers’ “alter egos,” life-sized cardboard cutouts of “Star Wars” heroes and other famous characters such as Sheldon, the genius and socially inept main character of the comedy show “The Big Bang Theory.”
“That workforce is a unique culture with brilliant minds,” Cramer said.
The Idaho National Laboratory’s cybersecurity also has an electronics lab to dismantle and examine computers, including pulling information off severely damaged storage drives. The electronics lab contains a map of the U.S. West’s electric grid and a car-sized computer that helps test the security systems of Western utilities, including Idaho Power, which serves an estimated 1.2 million people in southern Idaho and eastern Oregon.
Brad Bowlin, an Idaho Power spokesman, said the company as a matter of policy doesn’t comment on its cybersecurity efforts.
In general, hackers can include foreign entities and nation-states with sophisticated attacks, malicious computer geeks, and even kids with no intent to do harm but just a curiosity to see if they have the skills to breach a system’s security. Those kids, it turns out, are candidates for the lab’s Dark Side room.
“Those are the kids we’re looking for,” said Darren Stephens, a cyber-researcher at the lab.
The Idaho National Laboratory makes efforts to find them beginning with middle schoolers. It also looks for junior and high school students and has competitions that it plans to expand to nudge tech-savvy youths toward cybersecurity careers.
The lab recently held a contest among college students involving Idaho universities and other national labs and colleges where workers in the lab’s Dark Side attempted to hack into systems the students tried to defend.
It’s a fun competition, but it’s also a proving ground to find the next generation of cybersecurity workers where a shortage of more than a million employees by 2020 is estimated. Cramer said the nation’s universities don’t even have curriculums to train future cybersecurity workers.
That’s something he’s working to change with Idaho universities that could ultimately offer degrees to draw those students and become a main supplier for good-paying jobs in cybersecurity.
“The problem is so new and challenging that we don’t have the workforce right now to challenge the problem efficiently,” he said. “We’re in a bit of a scramble mode to help get caught up and train folks to get our arms around a big national challenge.”
Learn More About Critical Infrastructure Security at SecurityWeek’s ICS Cyber Security Conference