Slashdot Mirror


CIA Claims Cyber Attackers Blacked Out Cities

Dotnaught writes to tell us InformationWeek is reporting that the CIA admitted today that recent power outages in multiple cities outside the United States are the result of cyberattacks. "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

8 of 280 comments

  1. Why are systems like this hooked onto the internet by munrom · · Score: 5, Insightful

    Am I the only one that thinks that's a really stupid thing to do?

  2. Something smells. by David McBride · · Score: 5, Interesting

    Why are we hearing about this from the CIA, of all places? I thought counter-intelligence was the purview of the FBI, and signals intelligence the role of the NSA.

    Now add the fact that the US Director of National Intelligence has indicated that he wants to obtain the ability to monitor all Internet traffic data:

    "[...] the government must have the ability to read all the information crossing the Internet in the United States in order to protect it from abuse."

    Contrast this with a second Ars article from yesterday, where the US Federal Energy Regulation Commission has just approved new security regulations for the organizations (mostly private) that run the US electrical grid. Rather than blaming evil foreign hackers, Ars reports that:

    "FERC notes, in its usual bureaucratic style, that "poor vegetation management" has caused most of the problems relating to past regional blackouts."

    This all just sounds like an excuse to install packet loggers everywhere.

    (And it's not just the US authorities who want to lock down and control the Internet; the UK also recently indicated a desire to install censorship devices at the ISP level. Good luck with that.)
  3. Pfffft by Tablizer · · Score: 5, Funny

    That's ridiculous. Power and services don't just suddenly cu

  4. Re:Why are systems like this hooked onto the inter by Asmodai · · Score: 5, Informative

    That's why they invented out-of-band management tools long, long ago.
    Given the nature of how the internet works, having a dial-up line to a management console (which then requires authentication) is much better for OOB management than using the Internet.

    --
    Jeroen Ruigrok/Asmodai
  5. Re:15% solution by QuickFox · · Score: 5, Insightful

    "but at least (in theory...) the president can ultimately be held accountable."

    That's extremely theoretical. In practice, he got reelected.
    --
    Terrorists can't threaten a country's freedom and democracy. Only lawmakers and voters can do that.
  6. Re:Why are systems like this hooked onto the inter by baileydau · · Score: 5, Interesting

    I thought the exact same thing. I'm no expert on power grids and how they're managed, but I think there are two possible reasons why their control systems were hooked up to the Internet:

    1. There may be situations where the systems need to be remotely administered, and using the Internet is a much, much cheaper way to facilitate this than deploying a completely private network infrastructure just for this purpose, which probably isn't very practical (for both physical and financial reasons).

    2. pr0n browsing. Actually here in Australia, the power generation company (at least in my state) does have its own control network. It used to be copper, but a while back they replaced it with fibre. They ended up with so much excess bandwidth that they wholesale it to companies. I assume they have their fibres separated from everyone else's.

    Option 2 may cut into their profits a bit though :P

    I haven't read TFA yet, but an attack from the Internet should *never* happen to something as important as this.

    Where I work, we have an In-Confidence network and some Protected stuff. Each level is ONLY allowed to connect to ONE level lower and then only via approved security mechanisms. So the In-Confidence can access the (Unclassified) Internet, but the Protected stuff can't talk to the Internet at all. Actually in our case we don't bother connecting the Protected stuff even to our In-Confidence network.

    I would assume a power control system would be much higher security than In-Confidence (that's pretty low - any decent business should be at least that level in reality), and thus not allowed to talk to the Unclassified Internet.

    This of course is for Government networks. The US power companies (as are most in Australia) are privately owned, so they don't have to worry about such trivial things as security rules.

    On a side note, I'm constantly amazed at the expectation of vendors and PHBs that we will automatically open up our network so that some stray vendor can remotely debug their dodgy application. Yeah, sure, we'll let you in from your totally unknown network that has only knows what security holes and stuff going on inside it to access our server(s) with elevated privileges. Especially when everyone working in our IT department has gone through a security clearance, and they have whoever they snagged off the street.

    Actually I've just had a look at TFA, and it doesn't have any sort of details on what / where (not USA) / when (well vaguely - recently) / why (profit ???) / how these attacks occurred.
    --
    Ever stop to think ... and forget to start again?
  7. I don't think so by commodoresloat · · Score: 5, Interesting

    This information was released at a major security conference. If they wanted to just scare everyone they would have released this info more directly to the public rather than at a meeting of specialists who could see through a line of BS. And if they were really going for the fear factor they'd leak this on a Monday or Tuesday morning, not at 6pm on the Friday before a long weekend. It sounds to me like they want to diminish any possible panic, not amp it up. Notice they're not blaming terrorists or enemies either; the strong implication is organized crime with some kind of inside connections. I tend to be pretty skeptical of CIA but based on the little info that is here I'm guessing they're not making this up, and they probably are hoping that letting people know who are responsible for computer security at more localized levels will make it more likely for them to trace the perps.

  8. willful negligence vs gross negligence by SgtChaireBourne · · Score: 5, Funny

    You're right. Putting any kind of control system for critical public utilities on the internet is gross negligence.

    And if MS Windows is involved, then it escalates to willful negligence.

    --
    Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.