CIA Says Hackers Have Cut Power Grid

CIA Says Hackers Have Cut Power Grid

www.pcworld.com

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.

Speaking at a conference of security professionals on Wednesday, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

(visit the link for the full news article)


Related News Links:
www.washingtonpost.com
www.forbes.com

Well now, why would the CIA be bringing this out now?

From the Wash post link:

He said he thinks the attacks were launched from computers belonging to foreign governments or militaries, not terrorist groups.

Hmmm, which foreign government has been blamed for cyber attacks recently?

CHINA? Could they be behind this new form of extortion?

Is this being announced to set a new mandate to upgrade security systems to line the pockets of companies friendly to the administration?

I don't know, but I always smell fish when the CIA says something.


www.pcworld.com
(visit the link for the full news article)

reply to post by JacKatMtn


i think CIA false flag operations to terrorize americans to accept a police dictatorial state

reply to post by JacKatMtn


China? Maybe, I know they are really bad for coming up with viruses, and ways of cheating people out of money ect with computers. They are way ahead of us in technology.

Hilda

The CIA is full of **** on this one. (They usually are anyways).

Nobody creates a power grid control system, then links it to the internet.

The power infrastructure is a high priority for local governments, hence, they never rely on internet communications to communicate with each node.

(Imagine how hard it would be to turn the power back on, when those nodes you are trying to start rely on the internet, which also needs power.)


Basically what I am trying to get at is The power grid is a standalone system, and cannot be hacked into from outside.


You can no more hack a power grid from china, than you can hack my pocket-watch from there.

reply to post by hildar


It is speculation on my part pointing the finger at China but they do maufacture alot of computer components and have been accused of cyber attacks in the past so I would look their way if I started to investigate these breaches of security.

I wouldn't be surprised if they build some backdoor accesses into some of the electronic components that they build just for the purpose of hacking into them when needed.

Remember this is PURE speculation, I could just be suffering the effects of too much conspiracy material, but it sounds entertaining, good movie material

This is not a good thought but if they could shut the power off couldnt they actually blow up a nuclear plant the same way?

Hilda

Reminiscent of the Die Hard 4 plot. I wonder if that's breaking the ice on a future "fire sale" operation. Just sayin...

[edit on 19-1-2008 by Shar_Chi]

reply to post by johnsky

There is a bridge. How do you think you can now access your meter usage next-day via a web interface? I've never worked for a power company's network operations, but I do know that if it is possible to access usage data from the public network, a route exists between that interface and the power management system. It may be heavily fortified, but nothing is perfect.

The cost of modernization is more convoluted vulnerability. As long as humans write the code there will be bugs that can be exploited.

Is it China? Dunno, but odds are good. The cyberwar has been raging for a while now.

I would still look into the validity of this.

I cannot see a way that infrastructure management would allow the control systems to be linked to the internet.
Intuition tells me that while the data from the usage of the power grid may be relayed to the internet, the control systems themselves would be a separate system altogether.

If this is true, then this needs to go straight to press. The public needs to know that the CIA is intentionally lying to them.

If not, then it still needs to go to press, and a bill needs to pass to make the separation of control systems law.

... I think it kinda already is going to the press.

Just one more reason to get off-grid.

translation:

The CIA spooks managed to access some power grids somewhere or other at some point in time and control them, no doubt using hardware we have no idea of even existing. Then, they create a terror threat out of it by claiming that some ' foreign ' entity did it. Maybe the CIA guy who did it was not in the USA, so that could be true!

In any event, if a stand alone electric system was not linked to the net, then only physical penetration or insider cooperation could account for a power outage.

The power plant control system is a closed circuit system just as every other government institution. There is no direct link via the internet.

one possible reason for bringing this up would be to increase powers in domestic computer spying / control as a matter of national security.

Hmm. The article states that these attacks were on power plants outside of the USA. All this speculation on how American power companys network their control systems is really missing the point. We need to know what cities and country these attacks took place in. Then we might be able to discuss the issue logically.

I have had the opportunity to see computer networks at industrial plants inside of the USA. Most of the time the computers used to operate the plant are only isolated from the internet by a few server hops. Most places want to allow the Boss's to view what the operators are doing from a remote computer. This comes in handy when the boss just wants to sit at his own desk and see what the operators are doing. Most of the Boss's will have an internet connection for email and such. This creates the bridge between the operators and the WAN. Even with this type of setup it is still extremely difficult to hack from the WAN to the LAN. Which leads me to believe that they had inside help. It would only take a matter of minutes for a person with the right skill to tunnel out of the network and establish a link to a outside source.

Yeah I think the CIA has been watching too many fictional hacking movies. War Games lol

Give me a break please. The CIA seems to only tell lies. It's like they are working against Americans.

Just last week hackers were able to infiltrate my home and disable a 60 watt bulb from proper operation.

I setup a firewall by unplugging the device and installing a CFL.

Perhaps I should go solar?

reply to post by Shar_Chi


I was thinking the same thing, I joked about it another thread yesterday about hacking bank websites but with this news it is looking less like a joke.

I have a friend that can kill darn near anything . He has access to the control for most isp services (can give and take internet at will) And allot of other crazy stuff . I wouldn't doubt Russia or Russian sites are resopnsible . Ask the owner of this forum what the most common extension for email of forum spammers is. I would bet 10$ it would be .ru At least in my experience it is .

For reference on the power grid and vulnerabilities, I found a couple of items that gives a little info on the topic.

The first is a Washington Post piece from 2005 discussing attacks.

Hackers Target U.S. Power Grid (2005)

Hundreds of times a day, hackers try to slip past cyber-security into the computer network of Constellation Energy Group Inc., a Baltimore power company with customers around the country.

"We have no discernable way of knowing who is trying to hit our system," said John R. Collins, chief risk officer for Constellation, which operates Baltimore Gas and Electric. "We just know it's being hit."

This is an assessment from Ira Winkler from last November discussing the security of the power grid

How to Take Down the Power Grid

The first time I broke into our country’s electrical power grid was a decade or so ago. Hacking into the control systems set up by utility companies wasn’t surprising then, and it isn’t surprising now. While people find this shocking, it really isn’t. When you think about how insecure computer infrastructures are, why would you think that the power grid would be any more secure? Frankly, the power grid is even less secure than most other computer networks. I wrote about it many times, including some details in my recent book, Spies Among Us.

All of this came back to me as I watched news stories about “Hackers Blow Up a Generator.” The Department of Homeland Security (DHS) put out a video showing a test from Idaho Nuclear Laboratory where someone broke into a SCADA (Supervisory Control and Data Acquisition) computer and caused the generator to run wild until it blew itself up.

As someone already said. Not possible.

Someone on the goverments side messed up or created a story.

YOU CAN NOT CONTROL A NODE WITHOUT DIRECT ACCESS.

You do not put something like the powergrid on a publically accessible network and people know it, even Americans (no offence, I'm just angry..at CIA).

If anything did happen the CIA did it or an energy firm did. NOT the Chinese or Iran or Korea or Syria or Iraq or Pakistan (I'm not saying they'd point the blame in thier direction, but..you know).



They love making the news up