Report: Cybercriminals have penetrated U.S. electrical grid
Hackers look to map power grid and install malware for possible attacks, Journal says
IDG News Service - Cyperspies from China, Russia and elsewhere have gained access to the U.S. electrical grid and installed malware tools that could be used to shut down service, according to a story published today by The Wall Street Journal.
Thus far, the attackers haven't used their access to damage the electrical grid, but the cyberespionage appears to be "pervasive," the Journal reported, citing anonymous national security officials. Federal officials are worried that the cyberspies could use their access to try to shut down the grid or take control of power plants during a time of crisis or war, the story said.
Many of the intrusions, which for now appear to be aimed mostly at mapping the domestic power grid, were discovered not by electric utilities but by U.S. intelligence agencies, the story added.
The cyberspies have left behind software tools that could be used to destroy components of the grid, one intelligence official told the Journal. "If we go to war with them, they will try to turn them on," that official was quoted as saying.
U.S. lawmakers and some security analysts have raised concerns for several years about the security of the power grid and other industrial control systems.
In 2007, for example, a simulated attack done by the Idaho National Laboratory for the U.S. Department of Homeland Security showed that a known software vulnerability in a Supervisory Control and Data Acquisition, or SCADA, system could be used to destroy power grid equipment.
There also have been previous disclosures of actual hacking incidents involving electrical grids, both in the U.S. and abroad. Early last year, the CIA said that cybercriminals had been able to launch online attacks that disrupted power equipment in several regions outside of the U.S.
And at a congressional hearing in March, Joseph Weiss, managing partner of Applied Control Solutions, claimed that networks controlling industrial control systems in the U.S. have been breached more than 125 times in the past decade, with one incident resulting in deaths.
A coordinated attack on critical infrastructure systems "could be devastating to the U.S. economy and security," Weiss said at the hearing. "We're talking months to recover. We're not talking days."
Other security experts have raised concerns that the electrical grid could become more vulnerable as it is transitioned into a two-way smart grid, potentially using the Internet for transmission. The federal government included $4.5 billion for smart-grid deployment as part of the economic stimulus package approved earlier this year.
IOActive Inc., a Seattle-based security consultancy, has spent the past year testing smart-grid devices for security vulnerabilities. The company said last month that it had discovered a number of flaws that could enable hackers to access networks and cut power.
Brian Ahern, president and CEO of Industrial Defender Inc., a vendor of security tools for control systems, also voiced concerns about the power grid in an interview before the Journal story was published.
"One of the challenges that we have today in this country is that you've got all this critical infrastructure that has been deployed over the last 20 years, and no one was even thinking about security," Ahern said. "When you think about our existing infrastructure today — power plants, transmission distribution systems — they all have their own security problems. That's what we're all working diligently on right now: making sure that our existing infrastructure is secure."
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever. All Cybercrime and Hacking White Papers | Webcasts