January 20th, 2008
Hackers attacking US utilities overseas
Cyber warfare isn’t just concerned with military and intel computers. Hackers have also attacked foreign facilities of US power utilities, according to a CIA analyst. The Washington Post reports that Tom Donahue, the CIA’s top cybersecurity analyst, told an audience of utility security pros:
“We do not know who executed these attacks or why, but all involved intrusions through the Internet. We suspect, but cannot confirm, that some of the attackers had the benefit of inside knowledge.
The comments are notable because the CIA has had a no-comment policy on cyberattacks.
“The CIA wouldn’t have changed its policy on disclosure if it wasn’t important,” said Alan Paller, research director at the SANS Institute, the cybersecurity education group that sponsored the meeting. “Donahue wouldn’t have said it publicly if he didn’t think the threat was very large and that companies needed to fix things right now.”
As in so many areas, the convenience of the Net has also opened up security holes. Technology allows utilities to monitor and reset valves, switches and so on remotely over the Net. But the bad guys can also sabotage utilities over the Net too, Logan said.
There is some progress, though. On Thursday, the Federal Energy Regulatory Commission approved eight cybersecurity standards for electric utilities: identity controls, training, security “perimeters,” physical security of critical cyber equipment, incident reporting and recovery.
“Cybersecurity is a different kind of threat,” Joseph T. Kelliher, FERC chairman, said. “This threat is a conscious threat posed by a single hacker, or even an organized group that may be deliberately trying to disrupt the grid.”
