Sunday 29 March 2009

According to CIA: Hackers have already attacked the electric grid

If someone hacked into the Smart Grid, experts say it could cause a blackout that stretches across the country

In the past week, there's been a good deal of publicity about security holes in the Smart Grid, making it a potential hacker's playground, as well as an entry point into enterprise networks. Here's more fuel for the fire: A year ago, the CIA claimed that hackers had invaded the networks of power utilities outside the U.S., causing power outages in several cities, and issuing extortion demands. 

Is it really so smart to forge ahead with the high technology, digitally based electricity distribution and transmission system known as the "Smart Grid"? Tests have shown that a hacker can break into the system, and cybersecurity experts said a massive blackout could result.

CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:
The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.
The attacks were launched via the Internet. Here's the full statement that the CIA official gave, according to the SANS Institute:
"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
The entire Smart Grid will be based on Internet technology, which means that it will be potentially more vulnerable that the existing grid to hackers. 

No comments:

Post a Comment