- Date: April 9th, 2009
- Author: Larry Dignan
- Category: Security
Spies have reportedly been probing the U.S. electrical grid for months and planting software that could be activated at a future date, according to The Wall Street Journal. The report highlights the latest vulnerabilities facing U.S. power infrastructure.
The Journal notes that the spies are from China, Russia and other countries. While the news isn't that surprising, given how vulnerable U.S. infrastructure is, it is notable because electrical grids were thought until recently to be somewhat hacker-proof. Why? Grids run on an old mishmash of software, which is often proprietary.
However, recent events indicate that so-called SCADA (Supervisory Control And Data Acquisition) systems, which collect data from sensors and machines and send it to a centrally managed repository, are also at risk. To wit, last June Core Security detailed how SCADA systems were vulnerable. And even silly electronic road sign pranks show how SCADA systems are vulnerable.
How bad is it? According to the Journal report, a SCADA attack may be a disaster waiting to happen. The ability to hack into electric grids isn't new (you can find reports here, here and here), and the usual techniques such as social engineering, exploits and other hijinks work well. In addition, the House Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology had a big hearing on electric grid threats a year ago and the General Accountability Office has also highlighted the issues in a report on network controls.
In a report, the GAO found the Tennessee Valley Authority (TVA), a federal corporation and the nation's largest public power company, "had not consistently implemented significant elements of its information security program." Meanwhile, the TVA's corporate network "lacked key software patches and had inadequate security settings, and numerous network infrastructure protocols and devices had limited or ineffective security configurations," according to the GAO.
Simply put, the fact that the grid is wide open for malicious hackers isn't news. What's different is that the Journal is naming names (at least countries).