Wednesday, April 08, 2009

Computer Hackers Eye U.S. Power Grid

By Matt Williams

Computer spies from China, Russia and other countries are tunneling into the U.S. electricity grid with increasing frequency in order to study America's infrastructure, The Wall Street Journal reported Wednesday. An unnamed intelligence official told the newspaper that hackers have left behind software tools that could be turned on during a war in order to damage critical infrastructure systems.

The revelation comes amid growing public sentiment for transforming the U.S. electrical grid into a "smart grid." It would rely upon IT to help utility companies manage peak loads and allow consumers to sell back excess power to the grid during off-peak hours.

An estimated $11 billion from the economic stimulus bill President Barack Obama signed in February is dedicated to enacting standards for the smart grid and funding test cases. Millions of sophisticated "smart meters" have already been installed in homes in cities such as Los Angeles; Austin, Texas; and Boulder, Colo.

Industry insiders expect the federal government to release guidance for the stimulus money as soon as next week. Analysts say a nationwide build-out of the smart grid ultimately could cost trillions of dollars.

Watchdogs caution that the smart grid could be a hacker's paradise because its network of sensors, wireless technology and home-based energy meters would allow multiple entry points into the system. CNN.com reported last month that security services firm IOActive determined a malicious hacker "with $500 of equipment and materials and a background in electronics and software engineering" could simultaneously take command of smart-grid metering infrastructure of thousands or millions of homes and businesses.

Power Industry Aware of Security Deficiencies

A December 2008 report from the U.S. Department of Energy's Electricity Advisory Committee said utilities are increasingly using digital devices in substations to improve protection and increase reliability and control. "However, these remotely accessible and programmable devices can introduce cyber-security concerns," according to the report. While smart-grid technology offers more layers of control, it will require built-in security during the implementation, according to the report.
The North American Electric Reliability Corp. (NERC) has developed Critical Infrastructure Protection standards to address cyber-security issues. But in a letter to its members Tuesday, NERC Chief Security Officer Michael Assante expressed concern that only a third of them had identified "critical assets" and "cyber-critical assets."

"One of the more significant elements of a cyber-threat, contributing to the uniqueness of cyber-risk, is the crosscutting and horizontal nature of networked technology that provides the means for an intelligent cyber-attacker to impact multiple assets at once, and from a distance," Assante wrote.

In February, Obama ordered a 60-day cyber-security review of how well the federal government thwarts cyber-attacks. The findings are due next week.


Technorati Tags:

Sunday, April 05, 2009

Canadian Researchers Uncover Vast Spy Network

WASHINGTON (Reuters) - Canadian researchers have uncovered a vast electronic spying operation that infiltrated computers and stole documents from government and private offices around the world, including those of the Dalai Lama, The New York Times reported on Saturday.

In a report provided to the newspaper, a team from the Munk Center for International Studies in Toronto said at least 1,295 computers in 103 countries had been breached in less than two years by the spy system, which it dubbed GhostNet.

Embassies, foreign ministries, government offices and the Dalai Lama's Tibetan exile centers in India, Brussels, London and New York were among those infiltrated, said the researchers, who have detected computer espionage in the past.

They found no evidence U.S. government offices were breached.

The researchers concluded that computers based almost exclusively in China were responsible for the intrusions, although they stopped short of saying the Chinese government was involved in the system, which they described as still active.

"We're a bit more careful about it, knowing the nuance of what happens in the subterranean realms," said Ronald Deibert, a member of the Munk research group, based at the University of Toronto.

"This could well be the CIA or the Russians. It's a murky realm that we're lifting the lid on."

A spokesman for the Chinese Consulate in New York dismissed the idea China was involved. "These are old stories and they are nonsense," the spokesman, Wenqi Gao, told the Times. "The Chinese government is opposed to and strictly forbids any cybercrime."

The Toronto researchers began their sleuthing after a request from the office of the Dalai Lama, the exiled Tibetan spiritual leader, to examine its computers for signs of malicious software, or malware.

The network they found possessed remarkable "Big Brother-style" capabilities, allowing it, among other things, to turn on the camera and audio-recording functions of infected computers for potential in-room monitoring, the report said.

The system was focused on the governments of South Asian and Southeast Asian nations as well as on the Dalai Lama, the researchers said, adding that computers at the Indian Embassy in Washington were infiltrated and a NATO computer monitored.

The report will be published in Information Warfare Monitor, an online publication linked to the Munk Center.

At the same time, two computer researchers at Cambridge University in Britain who worked on the part of the investigation related to the Tibetans are releasing an independent report, the Times said.

They do fault China and warned that other hackers could adopt similar tactics, the Times added.

(Writing by Paul Simao; Editing by Peter Cooney)
Technorati Tags: