Report: Cybercriminals have penetrated U.S. electrical grid
Hackers look to map power grid and install malware for possible attacks, Journal says
IDG News Service - Cyberspies from China, Russia and elsewhere have gained access to the U.S. electrical grid and installed malware tools that could be used to shut down service, according to a story published today by The Wall Street Journal.
Thus far, the attackers haven't used their access to damage the electrical grid, but the cyberespionage appears to be "pervasive," the Journal reported, citing anonymous national security officials. Federal officials are worried that the cyberspies could use their access to try to shut down the grid or take control of power plants during a time of crisis or war, the story said.
Many of the intrusions, which for now appear to be aimed mostly at mapping the domestic power grid, were discovered not by electric utilities but by U.S. intelligence agencies, the story added.
The cyberspies have left behind software tools that could be used to destroy components of the grid, one intelligence official told the Journal. "If we go to war with them, they will try to turn them on," that official was quoted as saying.
U.S. lawmakers and some security analysts have raised concerns for several years about the security of the power grid and other industrial control systems.
In 2007, for example, a simulated attack done by the Idaho National Laboratory for the U.S. Department of Homeland Security showed that a known software vulnerability in a Supervisory Control and Data Acquisition, or SCADA, system could be used to destroy power grid equipment.
There also have been previous disclosures of actual hacking incidents involving electrical grids, both in the U.S. and abroad. Early last year, the CIA said that cybercriminals had been able to launch online attacks that disrupted power equipment in several regions outside of the U.S.
And at a congressional hearing in March, Joseph Weiss, managing partner of Applied Control Solutions, claimed that networks controlling industrial control systems in the U.S. have been breached more than 125 times in the past decade, with one incident resulting in deaths.
A coordinated attack on critical infrastructure systems "could be devastating to the U.S. economy and security," Weiss said at the hearing. "We're talking months to recover. We're not talking days."
Other security experts have raised concerns that the electrical grid could become more vulnerable as it is transitioned into a two-way smart grid, potentially using the Internet for transmission. The federal government included $4.5 billion for smart-grid deployment as part of the economic stimulus package approved earlier this year.
IOActive Inc., a Seattle-based security consultancy, has spent the past year testing smart-grid devices for security vulnerabilities. The company said last month that it had discovered a number of flaws that could enable hackers to access networks and cut power.
Brian Ahern, president and CEO of Industrial Defender Inc., a vendor of security tools for control systems, also voiced concerns about the power grid in an interview before the Journal story was published.
"One of the challenges that we have today in this country is that you've got all this critical infrastructure that has been deployed over the last 20 years, and no one was even thinking about security," Ahern said. "When you think about our existing infrastructure today — power plants, transmission distribution systems — they all have their own security problems. That's what we're all working diligently on right now: making sure that our existing infrastructure is secure."