Hackers Have Attacked Foreign Utilities, CIA Analyst Says
|Over the past year to 18 months, there has been "a huge increase in focused attacks on our national infrastructure networks, . . . and they have been coming from outside the United States Ralph Logan, principal of the Logan Group, cybersecurity firm
related: Blackout 2003 Revisited
CIA Launches Hunt for International Computer Hackers Threatening to Hold Cities Ransom By Shutting Off Power
A Power-Grid Report Suggests Some Dark Days Ahead
US Video Shows Hacker Hit on Power Grid
Blackouts: The Power Grid Is Too Sensitive for Its Own Good
Power Grid Raise Concerns Raised About Power Reliability
January 19, 2008
By Ellen Nakashima and Steven Mufson
Washington Post Staff Writers and Washington Post Staff Writers
In a rare public warning to the power and utility industry, a CIA analyst this week said cyber attackers have hacked into the computer systems of utility companies outside the United States and made demands, in at least one case causing a power outage that affected multiple cities.
"We do not know who executed these attacks or why, but all involved intrusions through the Internet," Tom Donahue, the CIA's top cybersecurity analyst, said Wednesday at a trade conference in New Orleans.
Donahue's comments were "designed to highlight to the audience the challenges posed by potential cyber intrusions," CIA spokesman George Little said. The audience was made up of 300 U.S. and international security officials from the government and from electric, water, oil and gas companies, including BP, Chevron and the Southern Co.
"We suspect, but cannot confirm, that some of the attackers had the benefit of inside knowledge," Donahue said. He did not specify where or when the attacks took place, their duration or the amount of money demanded. Little said the agency would not comment further.
The remarks come as cyber attackers have made increasingly sophisticated intrusions into corporate computer systems, costing companies worldwide more than $20 billion each year, according to some estimates.
Cyber extortion is a growing threat in the United States, and attackers have radically increased their take from online gambling sites, e-commerce sites and banks, which pay the money to prevent sites from being shut down and to keep the public from knowing their sites have been penetrated, said Alan Paller, research director at the SANS Institute, the cybersecurity education group that sponsored the meeting.
"The CIA wouldn't have changed its policy on disclosure if it wasn't important," Paller said. "Donahue wouldn't have said it publicly if he didn't think the threat was very large and that companies needed to fix things right now."
Over the past year to 18 months, there has been "a huge increase in focused attacks on our national infrastructure networks, . . . and they have been coming from outside the United States," said Ralph Logan, principal of the Logan Group, a cybersecurity firm.
It is difficult to track the sources of such attacks, because they are usually made by people who have disguised themselves by worming into three or four other computer networks, Logan said. He said he thinks the attacks were launched from computers belonging to foreign governments or militaries, not terrorist groups.
read full article: http://www.washingtonpost.com/wp-dyn/content/article/2008/01/18/AR2008011803277_pf.html