Power grid hackers probably got inside by attacking PCs, says researcher
'Plenty of PCs have been compromised' in different industries, critical or not, says Roger Thompson
Computerworld - The hackers who reportedly planted malware on key parts of the U.S. electrical grid, perhaps with the intent to cripple the country's power infrastructure, most likely gained access like any other cybercriminal -- by exploiting a bug in software such as Windows or Office, a security researcher said today.
"Any computer connected to the Internet is potentially vulnerable," said Roger Thompson, chief research officer at AVG Technologies USA Inc. "Getting to the actual infrastructure devices directly -- that's always possible, but a whole lot less likely. In any industry, critical or not, there are always plenty of PCs that have been compromised."
According to a report earlier today in The Wall Street Journal, unnamed national security sources said that hackers from China, Russia and elsewhere have penetrated the U.S. power grid, extensively mapped it, and installed malicious tools that could be used to further attack not only the electrical infrastructure, but others as well, including water and sewage systems.
The discoveries were made by U.S. intelligence agencies, not the utilities' security teams, the Journal said.
"I'm a bit bothered by all the anonymous sources [in the Journal story]: one unnamed source here and another unnamed source there," said Thompson. "But I think there's a high likelihood that it has a strong basis in fact. Any infrastructure device that's connected to the Net is potentially hackable."
It's more likely, he added, that the power-grid hackers exploited the same kinds of vulnerabilities -- but not the exact same bugs -- that have plagued consumers and businesses that run Microsoft Corp.'s Windows and its Office application suite.
"I have no doubt that there's been this kind of attack, or attempt to attack, for quite some time," said Thompson, "perhaps using the same kind of Office zero days that have been coming out." In security parlance, a "zero-day" exploit is one that leverages an unpatched vulnerability.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts