Nothing has ever changed the world as quickly as the Internet has. Less than a decade ago, "60 Minutes" went to the Pentagon to do a story on something called information warfare, or cyber war as some people called it. It involved using computers and the Internet as weapons.
Much of it was still theory, but we were told that before too long it might be possible for a hacker with a computer to disable critical infrastructure in a major city and disrupt essential services, to steal millions of dollars from banks all over the world, infiltrate defense systems, extort millions from public companies, and even sabotage our weapons systems.
Today it's not only possible, all of that has actually happened, plus a lot more we don't even know about.
It's why President Obama has made cyber war defense a top national priority and why some people are already saying that the next big war is less likely to begin with a bang than a blackout.
More...
"Can you imagine your life without electric power?" Retired Admiral Mike McConnell asked correspondent Steve Kroft.
...
"If I were an attacker and I wanted to do strategic damage to the United States, I would either take the cold of winter or the heat of summer, I probably would sack electric power on the U.S. East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of those things are in the art of the possible from a sophisticated attacker," McConnell explained.
"Do you believe our adversaries have the capability of bringing down a power grid?" Kroft asked.
"I do," McConnell replied.
Asked if the U.S. is prepared for such an attack, McConnell told Kroft, "No. The United States is not prepared for such an attack."
...
Four months after taking office, Obama made those concerns part of our national defense policy, declaring the country's digital infrastructure a strategic asset, and confirming that cyber warfare had moved beyond theory.
"We know that cyber intruders have probed our electrical grid, and that in other countries cyber attacks have plunged entire cities into darkness," the president said.
President Obama didn't say which country had been plunged into darkness, but a half a dozen sources in the military, intelligence, and private security communities have told us the president was referring to Brazil.
Several prominent intelligence sources confirmed that there were a series of cyber attacks in Brazil: one north of Rio de Janeiro in January 2005 that affected three cities and tens of thousands of people, and another, much larger event beginning on Sept. 26, 2007.
That one in the state of Espirito Santo affected more than three million people in dozens of cities over a two-day period, causing major disruptions. In Vitoria, the world's largest iron ore producer had seven plants knocked offline, costing the company $7 million. It is not clear who did it or what the motive was.
"In 2007 we probably had our electronic Pearl Harbor. It was an espionage Pearl Harbor," Lewis said. "Some unknown foreign power, and honestly, we don't know who it is, broke into the Department of Defense, to the Department of State, the Department of Commerce, probably the Department of Energy, probably NASA. They broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information."
How much is a terabyte?
"The Library of Congress, which has millions of volumes, is about 12 terabytes. So, we probably lost the equivalent of a Library of Congress worth of government information in 2007," Lewis explained.
"All stolen by foreign countries?" Kroft asked.
"Yeah. This was a serious attack. And that's really what made people wake up and say, 'Hey, we've got to get a grip on this,'" Lewis said.
But since then, there has been an even more serious breach of computer security, which Lewis called the most significant incident ever publicly acknowledged by the Pentagon.
Last November, someone was able to get past the firewalls and encryption devices of one of the most sensitive U.S. military computer systems and stay inside for several days.
"This was the CENTCOM network," Lewis explained. "The command that's fighting our two wars. And some foreign power was able to get into their networks. And sit there and see everything they did. That was a major problem. And that's really had a big effect on D.O.D."
Of all the critical components in the U.S. infrastructure, the power grid is one of the most vulnerable to cyber attack. The U.S. government has control of its own computers and those of the military. The power grid, which is run and regulated by private utilities, is unbeholden to government security decrees.
...
...the companies are under no obligation to fix the vulnerabilities, which was graphically demonstrated in a much more realistic fashion at the Idaho National Labs two years ago in a project called "Aurora."
A group of scientists and engineers at the Department of Energy facility wanted to see if they could physically blow up and permanently disable a 27-ton power generator using the Internet.
"If you can hack into that control system, you can instruct the machine to tear itself apart. And that's what the Aurora test was. And if you've seen the video, it's kind of interesting, 'cause the machine starts to shudder. You know, it's clearly shaking. And smoke starts to come out. It destroys itself," Jim Lewis explained.
Asked what the real-world consequences of this would be, Lewis said, "The big generators that we depend on for electrical power are one, expensive, two, no longer made in the U.S., and three, require a lead time of three or four months to order them. So, it's not like if we break one, we can go down to the hardware store and get a replacement. If somebody really thought about this, they could knock a generator out, they could knock a power plant out for months. And that's the real consequence."
"My impression is most people understand that there is a threat out there. I don't think most people understand that there are incidents that are happening," Kroft remarked.
The outage, which started at 10:15 pm Tuesday (0015 GMT Wednesday), originated at the Itaipu hydroelectric plant that straddles the border between Brazil and Paraguay, supplying both with much of their energy needs.
Brazilian Energy Minister Edson Lobao said it was not yet known what caused the unprecedented "complete paralysis" of the entire plant, but speculated that lightning from a storm might have shorted one of the facility's five high-tension supply lines.
The plant provides around 20 percent of the energy needs of Brazil, Latin America's most populous and economically important nation.
Paraguay, which gets 90 percent of its electricity from the installation, was virtually without power for at least 15 minutes because of the problem, according to reports.
...
...estimated that 50 million people, or more than a quarter of Brazil's 190-million-strong population, were suddenly thrown into the dark.
Link.
Explanation sought over Brazil blackout
Brazil's president sought an urgent explanation for the worst power outage in a decade...
...
An energy ministry official said that initial findings showed the outage was triggered when a major storm downed three power lines that run from the giant Itaipu hydroelectric dam on Brazil's border with Paraguay.
...
But some energy experts questioned whether a storm could cause such a widespread power outage in two countries.
...
Zimmermann denied that the problem could have been caused by computer hackers.
Brazil blackout cause uncertain, president says
Brazil's president suggested Friday that bad weather may not have caused a massive blackout that left nearly a third of the population without electricity, saying he'll wait for an investigation to conclude how the outage happened.
President Luiz Inacio Lula da Silva backed off earlier claims by his energy minister that strong storms, wind and lightning caused a failure in transmission lines — after the government's own satellite imagery showed that lightning strikes were neither close enough nor strong enough to cause such damage.
