[NukeNet] Hackers Have Attacked Foreign Utilities, CIA Analyst Says

Bill Smirnow smirnowb at ix.netcom.com
Sat Jan 19 14:25:52 EST 2008 


http://www.washingtonpost.com/wp-dyn/content/article/2008/01/18/AR2008011803277.html?wpisrc=newsletter
Hackers Have Attacked Foreign Utilities, CIA Analyst Says
     TOOLBOX
       Resize Text

       Save/Share +
      DiggNewsvinedel.icio.usStumble It!RedditFacebookPrint This
      E-mail This
      COMMENT
      washingtonpost.com readers have posted 15 comments about this item.
      View All Comments »

      POST A COMMENT
      You must be logged in to leave a comment. Log in | Register
       Why Do I Have to Log In Again?
      Log In Again?
       CLOSE
      We've made some updates to washingtonpost.com's Groups, MyPost and
comment pages. We need you to verify your MyPost ID by logging in before you
can post to the new pages. We apologize for the inconvenience.




       Discussion PolicyDiscussion Policy
       CLOSE
      Comments that include profanity or personal attacks or other
inappropriate comments or material will be removed from the site.
Additionally, entries that are unsigned or contain "signatures" by someone
other than the actual author will be removed. Finally, we will take steps to
block users who violate any of our posting standards, terms of use or
privacy policies or any other policies governing this site. Please review
the full rules governing commentaries and discussions. You are fully
responsible for the content that you post.
      Who's Blogging» Links to this article
By Ellen Nakashima and Steven Mufson
Washington Post Staff Writers and Washington Post Staff Writers
Saturday, January 19, 2008; Page A04

In a rare public warning to the power and utility industry, a CIA analyst
this week said cyber attackers have hacked into the computer systems of
utility companies outside the United States and made demands, in at least
one case causing a power outage that affected multiple cities.

"We do not know who executed these attacks or why, but all involved
intrusions through the Internet," Tom Donahue, the CIA's top cybersecurity
analyst, said Wednesday at a trade conference in New Orleans.

Donahue's comments were "designed to highlight to the audience the
challenges posed by potential cyber intrusions," CIA spokesman George Little
said. The audience was made up of 300 U.S. and international security
officials from the government and from electric, water, oil and gas
companies, including BP, Chevron and the Southern Co.

"We suspect, but cannot confirm, that some of the attackers had the benefit
of inside knowledge," Donahue said. He did not specify where or when the
attacks took place, their duration or the amount of money demanded. Little
said the agency would not comment further.

The remarks come as cyber attackers have made increasingly sophisticated
intrusions into corporate computer systems, costing companies worldwide more
than $20 billion each year, according to some estimates.

Cyber extortion is a growing threat in the United States, and attackers have
radically increased their take from online gambling sites, e-commerce sites
and banks, which pay the money to prevent sites from being shut down and to
keep the public from knowing their sites have been penetrated, said Alan
Paller, research director at the SANS Institute, the cybersecurity education
group that sponsored the meeting.

"The CIA wouldn't have changed its policy on disclosure if it wasn't
important," Paller said. "Donahue wouldn't have said it publicly if he
didn't think the threat was very large and that companies needed to fix
things right now."

Over the past year to 18 months, there has been "a huge increase in focused
attacks on our national infrastructure networks, . . . and they have been
coming from outside the United States," said Ralph Logan, principal of the
Logan Group, a cybersecurity firm.

It is difficult to track the sources of such attacks, because they are
usually made by people who have disguised themselves by worming into three
or four other computer networks, Logan said. He said he thinks the attacks
were launched from computers belonging to foreign governments or militaries,
not terrorist groups.

Over the past 10 years, electric utilities, pipelines, railroads and oil
companies have used remotely controlled and monitored valves, switches and
other mechanisms. This has resulted in substantial savings in man power and
other costs.

But to do that, the companies have installed wireless Internet connections
to link the devices to central offices.

"In the past, if they wanted to go out and read a gauge on a gas well, for
example, they would have to send a technician in his vehicle; he would drive
100 miles and physically read the gauge and get back in his truck," Logan
said. "Now they can read it from headquarters. But it allows attackers a
gateway into the system."

In addition, within the companies' main offices, control equipment can be
accessed from more computers than in the past.

The electric utility industry has also been adding software that allows more
coordination among different parts of the electricity grid and will
ultimately allow utilities and individuals to control devices remotely. This
is a central part of what many firms call the "utility of the future," which
will be better able to save energy and reduce greenhouse gas emissions.

"Often there are authentication methods that are less than secure," Logan
said. "Sometimes there are no authentication methods."

On Thursday, the Federal Energy Regulatory Commission approved eight
cybersecurity standards for electric utilities. They involve identity
controls, training, security "perimeters," physical security of critical
cyber equipment, incident reporting and recovery.

The U.S. electricity grid has always been vulnerable to outages.
"Cybersecurity is a different kind of threat, however," Joseph T. Kelliher,
the commission's chairman, said in a statement this week. "This threat is a
conscious threat posed by a single hacker, or even an organized group that
may be deliberately trying to disrupt the grid."


-------------- next part --------------
A non-text attachment was scrubbed...
Name: font_resize_small.gif
Type: image/gif
Size: 853 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: font_resize_medium.gif
Type: image/gif
Size: 873 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0001.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: font_resize_large.gif
Type: image/gif
Size: 876 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0002.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: icon_save.gif
Type: image/gif
Size: 888 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0003.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: comment_icon.gif
Type: image/gif
Size: 913 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0004.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: open_12x12.gif
Type: image/gif
Size: 219 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0005.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: comment_policy_close.gif
Type: image/gif
Size: 889 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0006.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: comment_policy_close.gif
Type: image/gif
Size: 889 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0007.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logo_sphere_powered101x13.gif
Type: image/gif
Size: 1574 bytes
Desc: not available
Url : http://mail.energyjustice.net/pipermail/nukenet_energyjustice.net/attachments/20080119/5a96b95f/attachment-0008.gif

More information about the Nukenet mailing list