Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 12 MINUTES AGO.
You are here: Home / Network Security / Power Grid Penetration Reported
Report Says Hackers Have Penetrated Power Grid
Report Says Hackers Have Penetrated Power Grid
By Patricia Resende / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
APRIL
08
2009
The U.S. power grid and other utilities, including water and sewage, are being watched by cyber spies, most likely from China and Russia, who have penetrated the nation's electronic grid. The hackers have placed malware on the grid's system that, if activated, could have serious consequences, a former homeland security official told The Wall Street Journal.

Some experts believe the news is just Capitol Hill politics, while others say it's not something to take lightly.

Ira Winkler, author of The Spies Among Us and president of the Internet Security Advisory Group in Maryland, has been warning of such access to the nation's power grid for more than a decade.

Winkler, who writes about corporate espionage in his book, began his career at the National Security Agency. But his exploits in the private sector, testing security systems by breaking into banks and high-profile companies, caught the attention of many. He was inducted into the Information Systems Security Association Hall of Fame.

Penetrating Systems

"If you can send an e-mail, you can control the power grid," Winkler said. "In the last year we saw a GAO report about how the Tennessee Valley Authority (a federally owned corporation) intermingled their systems, and there is a report by the CIA that some were able to extort lots of money by charging people through the Italian power grid."

Winkler listed several ways the grid is vulnerable. "You have another case where a nuclear reactor shut itself down because a system on the business network of the company was unavailable, and when the business system was down the reactor shut itself down, and that shows there is a dependency on the business network to control the nuclear reactor in that case."

Last year Winkler was hired by a power company to penetrate its system. Within a day of their attack, Winkler and his team had taken over several machines and could hack into the control networks handling both power production and distribution.

The intruders have not yet made any attempts to damage the nation's power grid or any other key infrastructures, and one security expert questioned the timing of the news.

"It is somewhat a surprise -- or for the thoughtful reader, maybe not -- why such scare reports as 'Electricity Grid in U.S. Penetrated by Spies' emerge from time to time, and their coincidental timing with budget preparations," said security expert Jart Armin of HostExploit. "Director of National Intelligence Dennis Blair is again advising lawmakers of the dire consequences if the Department of Homeland Security is not provided immediately with an extra-large budget for cyber security."

Armin added that the American pubic should ask, before any further money is spent, what happened to the $17 billion allocated since 2001 to protect such utilities from cyber attacks.

Problems and Solutions

Armin questioned whether all recent reports -- including one sponsored by the Department of Homeland Security earlier this month -- alleging Chinese hackers were penetrating foreign ministries prove that any of the attacks are real.

"Within the small print of the reports {authors} are forced to stress there is no proof of such attacks actually coming from the Chinese or any other foreign government source," he said.

Winkler believes the problem lies with the power companies. "In my opinion, it is the nuclear or power companies being able to regulate themselves" that causes the vulnerabilities, Winkler said.

Armin, however, said there is a more tangible fix. "Quite frankly, modern solutions from free and open-source IDS (intrusion detection systems) would resolve such hacker issues, if they really exist," he said.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.