Cyber-Hackers Could Cripple US Power Grid Network
Foreign hackers have reportedly managed to break into the computer network controlling the nation's power grid. The discovery has raised alarm about how such unauthorized access could be used to harm the U.S., though it may also motivate action to strengthen the security systems surrounding the nation's infrastructure.
A Wall Street Journal report that foreign hackers have repeatedly penetrated the U.S. power grid computer network has delivered a loud wake-up call.
Cyber-spies from countries including China and Russia have breached the electrical infrastructure's computer network and left software tools behind that would have allowed them to control or destroy infrastructure components, according to the report. The breaches also involved water, sewage and other infrastructure systems.
"Hacking our critical infrastructure really isn't a big play for cyber-criminals. They are not going to get enough bang for the buck, so to say. It shouldn't have happened. We are going about hardening our critical infrastructure. I see a lot of really good efforts taking place to harden it," Paul Henry, forensic and security analyst for Lumension, told TechNewsWorld.
Cause for Alarm?
Companies involved with protecting the grid often conduct penetration tests and audit activity logs for signs of trouble within the infrastructure. However, the infrastructure's apparent compromise was not discovered through these routine internal methods.
Many of these intrusions were detected by U.S. intelligence agencies rather than by the companies in charge of the infrastructure, according to the report. That is causing intelligence officials to worry about cyber-attackers taking control of electrical facilities, nuclear power plants or financial networks via the Internet.
Federal authorities said they do not know the specific goals of the intrusions, other than perhaps that the hackers were attempting to learn how to navigate through the infrastructure. No damage to the infrastructure has been reported. The real potential for harm could come in connection with a future crisis or war. The spying appeared to occur at various points throughout the grid rather than at a specifically targeted utility company or region of the country.
"The scary thing is that we don't know why they are doing this. There has been probing and attempts since the Internet was put together. People talk about these potential cyber-attacks as being part of some physical event," Doug Jacobson, chief technology officer and founder of Palisade Systems, told TechNewsWorld.
While the intrusions should have been blocked or at least discovered by the grid's own security measures, some good will come out of the discovery, according to Jacques Erasmus, director of research for Prevx. Now officials have to ensure that security gets beefed up.
"It's definitely a big deal whenever a piece of critical infrastructure gets compromised and puts access in the hands of wrong people," Jacobson said.
Cyber-spies gaining access to the infrastructure is not necessarily a doom-and-gloom scenario. By itself, that may pose little threat.
"This is not the cause for panic. The power grid is designed as a separate central network for the infrastructure. Over the last five to seven years, developers have been migrating it to the Windows platform. This makes the grid more vulnerable. If this causes a quick review of our internal systems, that will be very positive. The sky is not falling. It's just supported by rickety struts," Richard Stiennon, founder and principal analyst for IT Harvest, told TechNewsWorld.
The real problem may lie with the leverage foreign hackers could gain in concert with other, more traditional attacks. Hackers are not going to create enough terror by just taking out the power for a few hours, noted Henry.
"But it is incredibly useful as an amplification of an attack. If you can get the ability to get into the grid and have the ability to shut down power to specific segments, it is a large terrorist advantage. If you launch a traditional terrorist attack in that region and can shut down the electricity at the same time, you can interfere with emergency responders," Henry explained.
More to Come?
Henry is sure that federal authorities will discover more details as they continue to investigate the breaches. However, there is still concern that what is not yet known could harm the country.
"The question is, how long has this been happening? It shows that the existing methods aren't sufficient to prevent it," Erasmus said.
Still, Henry, who has been involved in numerous penetration tests of the grid and participated in its security analysis, is not overly concerned.
"I don't want to suggest that the enemy is going to take down our electrical structure. That just is not the case. But I'm sure much more is going to be uncovered. I'm sure we are just looking at the tip of the iceberg at this point," he warned.
Call for Action
As more details are learned about the breaches, security agencies will apply solutions, Jacobson suggested.
"This is useful that it happened. It raises the awareness of the players involved. What has to happen now is that the government will focus on putting more money into security and not just computers," he said.
There is little doubt that the discovery of intruders in the power grid will draw a swift response, predicted Henry.
"I think that the current efforts in the U.S. to take a serious look at our critical infrastructure is going to unmask a lot of this. We have an unprecedented opportunity to root out any access they may have gained before any damage happens," he concluded.