Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Electricity Grid Reportedly Penetrated By Spies

Posted by kdawson on from the im-in-ur-wirez-eatin-ur-lectrons dept.

phantomfive worries about a report in the Wall Street Journal ("Makes me want to move to the country and dig a well") that in recent years a number of cyber attacks against US infrastructure have been launched over the Internet: "Cyberspies have penetrated the US electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia, and other countries, these officials said, and were believed to be on a mission to navigate the US electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war."

10 of 328 comments (clear)

  1. Remember, folks... by Anonymous Coward · · Score: 5, Insightful

    ...you must live in perpetual fear. Whenever you're starting to focus on the reality of life, new fear WILL be injected into it to distract you. This is how the natural order sustains itself.

    1. Re:Remember, folks... by oodaloop · · Score: 5, Insightful

      Uh, does that mean that there aren't real dangers for which we need to be prepared? Might want to check your bathwater for babies before tossing it out.

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    2. Re:Remember, folks... by Opportunist · · Score: 5, Insightful

      Are there real threats? Yes, of course there are. But when enough scaremongering is mixed into them, you get the reaction that the OP AC shows: Cry wolf once too often and people will ignore you.

      Also, there are a few things that I'd consider a lot more dangerous and worrysome that you don't hear about at all. Intentionally or not, your decision.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:Remember, folks... by afxgrin · · Score: 5, Insightful

      Not to mention the creation of an alien enemy. Obviously - OBVIOUSLY - the IP addresses come from Russia and China - and in no way could a proxy be used from those countries - by an American. No way that could ever happen.

      Obviously the spies are Russian or Chinese, because Americans would have no reason to hack into their own government's systems.

    4. Re:Remember, folks... by totally+bogus+dude · · Score: 5, Insightful

      Probably not coincidence, but that doesn't mean it's sinister or improper. If you knew of a significant threat that wasn't being addressed, and it was that time when the People In Charge were working out where to spend money (i.e. are actively seeking information and advice on the most effective use of their funds), wouldn't that seem like an ideal time to try to raise awareness of it?

      Or would you prefer to wait until there's no money to spend and nobody currently in a position to do anything about it before announcing it?

      Not saying it isn't all another scam to get free money, but just because it might be doesn't mean it is.

    5. Re:Remember, folks... by Opportunist · · Score: 5, Insightful

      I can well understand that. And I actually see the whole deal as an attempt to cover their butts to show that they "did something" concerning the threat. They'd be eaten alive by the media if something happened and nothing had been done.

      9/11 is a prime example. What was the first thing we heard? The FBI knew ages before the attack that something like this was planned. Sure they did. And they also heard about a thousand other things that never happened.

      You cannot prepare for everything. I do not expect that. I do expect reasonable preparations, at the most. My liberty is worth more than my life, and I do expect my government to primarily protect my freedom. If the solution to the terrorist craze is to eliminate all freedom then, well, why bother fighting? After all, a regime of terror, fear and total control is pretty much what the terrorists allegedly want to create for us. If we do that ourselves, do we really win?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Software programs? by gzipped_tar · · Score: 5, Insightful

    I thought mission critical computers should not be reachable from the Internet. So the spies walked to those computers and planted the software there???

    --
    Colorless green Cthulhu waits dreaming furiously.
  3. Very convenient ... by krou · · Score: 5, Insightful
    From the article:

    Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more.

    So, the week before a review is due looking into whether or not they should increase the flow from the money pump, "current and former national-security officials" have come forward to draw attention to a network of spies in the power grid.

    Look, I'm not saying that cyber-attacks don't happen, or that there isn't a risk, but bloody hell, this article reads like a well-crafted piece of BS, designed to put the N back into FUDing.

    --
    'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
  4. China and Russia? by Thanshin · · Score: 5, Funny

    China, Russia, and other countries,

    So you mean there are people capable of hacking the US energy grid but who can't start the attacks from a hacked box in Madagascar?

    "Who's attacking us?"
    "Sir, the attacks come from half a million infected machines all around the world."
    "From all coutries?"
    "Yes, sir."
    "So China and Russia too?"
    "Hmm, Yes, of course, sir"
    "Damn commies... We should've nuked them a long time ago."

  5. Re:Why are they on the internet? by Lumpy · · Score: 5, Interesting

    Blowing all my moderation to reply to this.

    Let me make this clear. Putting a critical system on to the internet is pure, stupid, incompetence.

    ALL of your "situations" can be solved with a second $399.95 DELL sitting next to the critical workstation. Anyone saying that that is not practical is a blathering moron. I have seen MANY water filtration plants that the Supervisors in charge of the whole operation are so incompetent they put the entire plant's operation system on the corporate or city network. Then we have the low quality SCADA software called WonderWare that is so badly written that the company requests they have direct access to the machines so they can issue fixes faster.

    If any mission critical machines are on anything but a sealed private non connected network, the person that designed it is a incompetent idiot that should take the fall for any failures. Gitmo time for whoever approved or asked for interconnection.

    I have been appalled at the amount of interconnection I see in really important SCADA systems. I have seen this stupidity in major infrastructure control systems for 14 years now. Typically put here by some asshole manager that wants to "keep an eye" on his guys while he is at home. he get's a workstation (typically the one in his office) set up with a second network card and Pc anywhere or another Remote control system to interconnect the secure to the un-secure. and does it with a stupid windows box. Then the idiot uses it to check email, surf the net,etc... All installed by your friendly company IT slackie After the SCADA installation guys go home.

    Every system I looked at that was "secure" typically had one of these bridging computers on it the only way to find the is to do a hard audit of every computer, the rate of finding these security breaches goes up as the age of the installation increases.

    --
    Do not look at laser with remaining good eye.