US Electricity Grid Reportedly Penetrated By Spies

← Back to Stories (view on slashdot.org)

US Electricity Grid Reportedly Penetrated By Spies

Posted by kdawson on Tuesday April 7, 2009 @09:05PM from the im-in-ur-wirez-eatin-ur-lectrons dept.

phantomfive worries about a report in the Wall Street Journal ("Makes me want to move to the country and dig a well") that in recent years a number of cyber attacks against US infrastructure have been launched over the Internet: "Cyberspies have penetrated the US electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia, and other countries, these officials said, and were believed to be on a mission to navigate the US electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war."

33 of 328 comments (clear)

Min score:

Reason:

Sort:

Remember, folks... by Anonymous Coward · 2009-04-07 21:07 · Score: 5, Insightful

...you must live in perpetual fear. Whenever you're starting to focus on the reality of life, new fear WILL be injected into it to distract you. This is how the natural order sustains itself.
1. Re:Remember, folks... by riskyrik · 2009-04-07 21:39 · Score: 1, Insightful
  
  Mod parent up plse. He refers correctly to the type of brainwashing the way the Bush administration has pursuid the last 8 years. Off course there are still a number of elements present that continue this style up to today.
  
  --
  less is more
2. Re:Remember, folks... by oodaloop · 2009-04-07 21:48 · Score: 5, Insightful
  
  Uh, does that mean that there aren't real dangers for which we need to be prepared? Might want to check your bathwater for babies before tossing it out.
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
3. Re:Remember, folks... by Opportunist · 2009-04-07 21:50 · Score: 5, Insightful
  
  Are there real threats? Yes, of course there are. But when enough scaremongering is mixed into them, you get the reaction that the OP AC shows: Cry wolf once too often and people will ignore you.
  Also, there are a few things that I'd consider a lot more dangerous and worrysome that you don't hear about at all. Intentionally or not, your decision.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
4. Re:Remember, folks... by oodaloop · 2009-04-07 22:22 · Score: 4, Insightful
  
  How is a former official talking about a real threat scare-mongering? Should he have just kept quiet instead?
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
5. Re:Remember, folks... by afxgrin · 2009-04-07 22:39 · Score: 5, Insightful
  
  Not to mention the creation of an alien enemy. Obviously - OBVIOUSLY - the IP addresses come from Russia and China - and in no way could a proxy be used from those countries - by an American. No way that could ever happen.
  Obviously the spies are Russian or Chinese, because Americans would have no reason to hack into their own government's systems.
6. Re:Remember, folks... by Opportunist · 2009-04-07 22:48 · Score: 3, Insightful
  
  There are many real threats (assuming this one is). Why do we get to hear about this one now? Is it coincidence that this surfaces at the 'right' time when security money is being redistributed?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
7. Re:Remember, folks... by totally+bogus+dude · 2009-04-07 23:45 · Score: 5, Insightful
  
  Probably not coincidence, but that doesn't mean it's sinister or improper. If you knew of a significant threat that wasn't being addressed, and it was that time when the People In Charge were working out where to spend money (i.e. are actively seeking information and advice on the most effective use of their funds), wouldn't that seem like an ideal time to try to raise awareness of it?
  Or would you prefer to wait until there's no money to spend and nobody currently in a position to do anything about it before announcing it?
  Not saying it isn't all another scam to get free money, but just because it might be doesn't mean it is.
8. Re:Remember, folks... by cayenne8 · 2009-04-08 00:00 · Score: 4, Insightful
  
  I think the larger, basic question is:
  What the hell are systems like the electric grid doing hooked in any fashion to the publicly accessible internet?? These should be on their own network, separate and apart from anything that touches the public wan.
  Seems like that would have been a no brainer?!?!
  
  --
  Light travels faster than sound. This is why some people appear bright until you hear them speak.........
9. Re:Remember, folks... by Chabil+Ha' · 2009-04-08 00:51 · Score: 3, Insightful
  
  Not necessarily. One of the cornerstones of Marxism (gasp!, not in US!) is the concept of perpetual revolution. If there is always a target, always a crusade against the badies, the government can more easily legitimatize and perpetuate bad policy (ie domestic wiretapping). This is always advertised as being for the good (but always at the expense) of the whole of the people. The vain promise, the mirage on the horizon, is a safer, happier people. The world will be secure from the bad guys!
  
  --
  We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
10. Re:Remember, folks... by Curunir_wolf · 2009-04-08 00:59 · Score: 4, Insightful
  Mod parent up plse. He refers correctly to the type of brainwashing the way the Bush administration has pursuid the last 8 years. Off course there are still a number of elements present that continue this style up to today.
  You mean like the Obama elements?
  
  "Profound economic emergency"
  "[could] turn a crisis into an irreversible catastrophe"
  "paralysis" and "disaster"
  "the federal government is the only entity left with the resources to jolt our economy back to life."
  "...but I can tell you with complete confidence that a failure to act will only deepen this crisis...."
  --
  "Somebody has to do something. It's just incredibly pathetic it has to be us."
  --- Jerry Garcia
11. Re:Remember, folks... by wytcld · 2009-04-08 01:18 · Score: 3, Insightful
  
  If you have segregated networks, all the spy needs to do is find a single place to tap into your "secure" one, and you're toast. You thought it was secure, so you didn't lock it down properly. And somebody, somewhere left a way in, an unguarded terminal, or cheated and put a cross-connect to the public net for his own convenience, thinking it would never be found.
  If it's all on the public net, but thoroughly locked down with good security and encryption protocols, and tight firewalls, you may be in better shape. You know it's dangerous to let your guard down. And we're also pretty confident we have protocols which, when applied to spec, are truly cryptographically strong, and so forth.
  Plus it's a lot cheaper than building out a whole nother net, including access for your critical engineer who's off at a conference somewhere when the unpredicted crisis with the unique system in your plant that she's the genius about requires immediate attention. Sometimes making sure the right people have solid access from anywhere they are is also essential to security. The public net - with the right protocols - does that.
  
  --
  "with their freedom lost all virtue lose" - Milton
12. Re:Remember, folks... by ArcherB · 2009-04-08 01:24 · Score: 4, Insightful
  Mod parent up plse. He refers correctly to the type of brainwashing the way the Bush administration has pursuid the last 8 years. Off course there are still a number of elements present that continue this style up to today.
  You mean like the Obama elements?
  
  "Profound economic emergency"
  "[could] turn a crisis into an irreversible catastrophe"
  "paralysis" and "disaster"
  "the federal government is the only entity left with the resources to jolt our economy back to life."
  "...but I can tell you with complete confidence that a failure to act will only deepen this crisis...."
  You have the "Create a crisis" part down, but you forgot the "Profit" line.
  
  "Never let a serious crisis go to waste." -- Rahm Emanuel (Obama's Rove)
  --
  There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
13. Re:Remember, folks... by Rich0 · 2009-04-08 01:39 · Score: 4, Insightful
  
  Why not have both? Use the most secure protocols in existence to protect your network, and then as an added measure against zero-day exploits provide strong physical security to keep people out of this network.
  Such a piece of critical infrastructure shouldn't depend on any one human being who might be at a conference and need remote access. When a balistic missle submarine 1000 feet under the ocean is interpreting orders to nuke some foreign country do they depend on being able to reach some particular person to ask questions? Any system critical to national security must be engineered so that it is completely self-sufficient in a crisis.
  Electrical grids are very critical to national security. A well-planned attack could leave melted transmission lines, damaged generators and gearboxes, and a nationwide blackout in its wake. With the possibility of substantial physical damage it isn't like you could just repair from this kind of catastrophe in a few days - or even weeks. Power plants are physical machines that have a symphony of fast-moving parts with thousands of tons of force being transmitted - a well-engineered attack could result in major failures.
  Power grids should have as much security as any other piece of critical military infrastructure. They're going to be targets in any attack. The networks should be subject to routine penetration testing and auditing. Access needs to be the minimum needed to do any particular job. The system should be reasonably partitioned so that one spy getting a job in one office somewhere doesn't subject the entire system to compromise. Those who circumvent authorized procedures (rogue access points, bridges, etc) should be made public examples with criminal penalties. People should be given the funds needed to do their jobs right, and then should be expected to do them right.
  Security is just a matter of being thorough and not cutting corners. There is a lot at stake here. I don't really care who is behind these penetrations (Chinese, hackers, whatever) - the blame rests with the folks who should be protecting this infrastructure.
14. Re:Remember, folks... by Opportunist · 2009-04-08 01:53 · Score: 5, Insightful
  
  I can well understand that. And I actually see the whole deal as an attempt to cover their butts to show that they "did something" concerning the threat. They'd be eaten alive by the media if something happened and nothing had been done.
  9/11 is a prime example. What was the first thing we heard? The FBI knew ages before the attack that something like this was planned. Sure they did. And they also heard about a thousand other things that never happened.
  You cannot prepare for everything. I do not expect that. I do expect reasonable preparations, at the most. My liberty is worth more than my life, and I do expect my government to primarily protect my freedom. If the solution to the terrorist craze is to eliminate all freedom then, well, why bother fighting? After all, a regime of terror, fear and total control is pretty much what the terrorists allegedly want to create for us. If we do that ourselves, do we really win?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
15. Re:Remember, folks... by SirGeek · 2009-04-08 01:56 · Score: 4, Insightful
  
  If you have segregated networks, all the spy needs to do is find a single place to tap into your "secure" one, and you're toast. You thought it was secure, so you didn't lock it down properly. And somebody, somewhere left a way in, an unguarded terminal, or cheated and put a cross-connect to the public net for his own convenience, thinking it would never be found.
  Tha WOULD require them physical access to the facility. None of the control centers are going to just "allow" someone access to their network, let alone physical access to the facility. We are told to notify security (who will notify the police officer in the guard shack) if we see anyone who isn't badged.
  
  If it's all on the public net, but thoroughly locked down with good security and encryption protocols, and tight firewalls, you may be in better shape. You know it's dangerous to let your guard down. And we're also pretty confident we have protocols which, when applied to spec, are truly cryptographically strong, and so forth.
  The Control Centers aren't supposed to take that risk. Its separate the control centers from the company network AND from direct access to the internet.
  
  Plus it's a lot cheaper than building out a whole nother net, including access for your critical engineer who's off at a conference somewhere when the unpredicted crisis with the unique system in your plant that she's the genius about requires immediate attention. Sometimes making sure the right people have solid access from anywhere they are is also essential to security. The public net - with the right protocols - does that.
  Is it ? Can you honestly say that even the remote possiblity of a compromised system is worth the cost savings if it affects that existence of your company (as a control center) ?
  You have THAT room connected to specific routers that only allow "limited" access and ensure that the users can't install software that would compromise that system. You block their access to ANYTHING that they don't need for business reasons. PERIOD.
  
  --
  UPS Sucks
16. Re:Remember, folks... by cayenne8 · 2009-04-08 02:04 · Score: 2, Insightful
  
  "When a ballistic missle submarine 1000 feet under the ocean is interpreting orders to nuke some foreign country do they depend on being able to reach some particular person to ask questions?
  Yes, actually. He's called the President."
  Trust me...when those subs get their orders, and they are verified by the means they use. They do NOT resurface to radio in and ask the president "Are you really, really sure?"
  
  --
  Light travels faster than sound. This is why some people appear bright until you hear them speak.........
17. Re:Remember, folks... by furby076 · 2009-04-08 02:17 · Score: 2, Insightful
  
  Are there real threats? Yes, of course there are. But when enough scaremongering is mixed into them, you get the reaction that the OP AC shows: Cry wolf once too often and people will ignore you. Also, there are a few things that I'd consider a lot more dangerous and worrysome that you don't hear about at all. Intentionally or not, your decision.
  I disagree with your cry wolf. Lets say someone says there is a threat and everyone needs to be prepared and we are going to invest tons of resources to stop the threat. Now we stopped the threat before anything happened. Does that mean we cried wolf? I am willing to bet you a lot of people, including a hell of a lot of people here, would say "CRY WOLF CRY WOLF" when in reality - the threat was stopped due to our efforts. Then again, if we didn't stop the threat people would say "why didn't you do anything? We had evidence this was going to happen and you ignored it. Shame on you" That situation could...oh wait, it did happen...9/11. Has anything like that happened since? No. Does that mean it can't ever happen again? No. Maybe part of the reason is due to our increased security, maybe just luck, and maybe because our gov't thwarted those events. We don't get to see the whole picture all the time. While this may hurt your feelings, it is necessary (I am sure there have been times in your life you avoided telling someone the whole truth for their own good).
  Is there fear mongering? Yes. Are there people who want to spend more money to line their pockets and nothing else? Obviously. Does that mean we should not take every possible precaution to help save people's lives? Hell no. I would rather spend too much money and potentially save a life then spend too little money and potentially lose a life.
  
  --
  
  I do not support "The Man". I also do not support your irrational stupidity
18. Re:Remember, folks... by Mr.+Firewall · 2009-04-08 03:04 · Score: 2, Insightful
  
  ...you must live in perpetual fear. Whenever you're starting to focus on the reality of life, new fear WILL be injected into it to distract you.
  Nice bit of cynicism, I like it. But as a former cybersecurity professional who has worked inside of electric power plants, let me remind you that there is a difference between scaremongering (ala Global Warming, mass extinction, and other such nonsense) and REAL threats such as that in TFA.
  I've known for years about this threat. It's nice to finally see someone in the mainstream press take notice.
  Unfortunately, I'm not optimistic that THE solution will ever be seriously considered: QUIT USING WINDOW$ ON CRITICAL INFRASTRUCTURE CONTROL SYSTEMS.
  
  --
  In times of universal deceit, telling the truth gets you modded -1 Troll
19. Re:Remember, folks... by HiThere · 2009-04-08 09:37 · Score: 2, Insightful
  
  Actually, it's a lot more common than that, if you study history. Whenever one group feels unfairly suppressed, and the means of suppression is disabled more than temporarily, you're apt to have an, at least minor, uprising. It usually doesn't lead to anything more than worse oppression in the future, of course, but it is a predictable result. (Doesn't *always* happen, but it's the way to bet.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
Big surprise by cdgeorge · 2009-04-07 21:12 · Score: 2, Insightful

I'm sure China and Russia are having the same kind of problem.
1. Re:Big surprise by AigariusDebian · 2009-04-07 21:56 · Score: 4, Insightful
  
  Nope, electrical grid computers in exUSSR region do not even have the theoretical capacity to be connected to the public Internet. I am amazed there is an actual data linkage between the public Internet and the computers even remotely related to the power control functionality.
So once a while by microbee · 2009-04-07 21:12 · Score: 4, Insightful

"Some officials" come forward and warn about threats from China, Russia, Iran and North Korea. "Ya know, Sir, we need funding for enhancing national security, so please make sure you get your budget right."
Software programs? by gzipped_tar · 2009-04-07 21:16 · Score: 5, Insightful

I thought mission critical computers should not be reachable from the Internet. So the spies walked to those computers and planted the software there???

--
Colorless green Cthulhu waits dreaming furiously.
1. Re:Software programs? by MichaelSmith · 2009-04-07 21:18 · Score: 2, Insightful
  
  Maybe they got a job working on those systems. I have the internals of several major cities traffic signal systems in my head at the moment, and that is just what I was working on up to ten years ago.
  
  --
  http://michaelsmith.id.au
2. Re:Software programs? by giles+hogben · 2009-04-07 23:10 · Score: 2, Insightful
  
  USB Keys in car parks used by personel?
Very convenient ... by krou · 2009-04-07 21:19 · Score: 5, Insightful

From the article:

Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more.
So, the week before a review is due looking into whether or not they should increase the flow from the money pump, "current and former national-security officials" have come forward to draw attention to a network of spies in the power grid.
Look, I'm not saying that cyber-attacks don't happen, or that there isn't a risk, but bloody hell, this article reads like a well-crafted piece of BS, designed to put the N back into FUDing.

--
'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
Re:Why are they on the internet? by jolyonr · 2009-04-07 21:28 · Score: 4, Insightful

Then I'd suggest they need two PCs.

--

Please read my Canon EOS tech blog at http://www.everyothershot.com
This is the new war. by palegray.net · 2009-04-07 21:28 · Score: 3, Insightful

Trust me folks, it's coming. It won't be pretty, either. The power to disrupt a nation's economy via information warfare measures represents a much clearer threat than people trying to get something through airport security.

There's a reason the military is starting to get mighty interested in nerdy types, although most programs designed to leverage these skills are in their infancy. We need to get serious about this fast; other nations certainly are.

--
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
1. Re:This is the new war. by Opportunist · 2009-04-07 22:11 · Score: 2, Insightful
  
  The threat is actually in consumer PCs, insecure and filled with malware. My fear is that, if we do not get those boxes secure soon, the Powers That Be will see them as a threat and, instead of requiring you, the user, to take responsibility for your box, demand that all boxes have to be made "secure", i.e. have some kind of mandatory surveillance available to them, or that you may only install whatever is approved and seen as ok by whatever entity your country may put in that place. All in the name of national security, of course. And while we're at it, a few kickbacks here or there may 'encourage' said entity to ensure some monopolies are set in stone.
  Not a good thing if you ask me. I'd call for responsibility for your box. Because in the long run, either you're responsible what happens with your box, or that responsibility is taken out of your hands. And given the current political climate, where personal responsibility is shunned in favor of governmental meddling, I'm pretty sure we'd see the latter happening.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
No control structure is on internet by aepervius · 2009-04-07 21:32 · Score: 3, Insightful

AFAIK the whole remotely controlled stuff is not on internet or anything but on modem and similar box (can't remember their name) to which you have to directly dial in (non routable), and is separately powered from the power grid. If not I would fire the ass of the guy in responsibility: who in their right mind would put the control structure for a power grid, on something which can only be accessed when the same power grid is functioning. Also there are local control which override any possible remote control anyway.

--
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Re:Why are they on the internet? by drsmithy · 2009-04-07 22:00 · Score: 2, Insightful

The systems I work on are typically airgapped, but there is a constant push from users for some access to the internet. A user might need to access meteorological information, and the simplest way is to go online to get the data. Another user might need to refer to work instructions on the corporate intranet, but the intranet gets you to the internet anyway. Like it or not, the internet is working its way into many types of work and many people are starting to expect it to be available.
Then your users need two PCs and a KVM (or even two completely separate PCs - ideally on opposite ends of the desk - to properly drive the point home).
There are some situations where security MUST override convenience.
Right as Obama is asking for emergency powers to c by SirBitBucket · 2009-04-08 01:48 · Score: 2, Insightful

Interesting timing for this report to come out right as Obama is asking for draconian emergency powers to be able to shut off the internet and other private networks at will without regard for any law. http://www.tomshardware.com/news/obama-shut-down-internet-legislation,7478.html