Subscription Center
Apr 9, 2009 05:52 PM | 3
The Wall Street Journal, citing unnamed current and former national security officials, reports that spies from China, Russia and other countries have hacked into the U.S. electricity grid and installed software that could cause mass outages. According to these same officials, the foreign agents have not sabotaged the grid (yet), but rather want to “map our infrastructure” for possible exploitation in case of a future war.
Sound a bit cloak and dagger?
“It’s all hype and it’s fear-mongering,” says Bruce Schneier, a security technologist who writes a blog and is chief of security at BT, a U.K.-based communications services company. He says odds are those countries have mapped U.S. power grids just as the U.S. has no doubt mapped theirs—but that it's sort of business as usual rather than cause for concern.
“It feels like that story [in the WSJ] was planted by somebody,” Schneier says, speculating that the source might just be "some agency posturing for funding” as Congress debates the fiscal year 2010 budget. Plus, the article does not specify the parts of the U.S. grid that foreign governmental agents have allegedly penetrated. “Is it plant computer systems? Substations? Routers? Employee e-mail accounts? Who knows?” asks BNET Energy.
Nevertheless, there's no question the nation's energy grid could be the target of a cyber attack, Schneier says. But he notes that it's no more vulnerable than most other computer systems.
“I am worried about electric grid security, but more about random accidents than about bad guys," Schneier says, pointing to the 2003 blackout when 50 million people in the Northeastern U.S. lost power due to a cascade of failures traced back to sagging power lines in Ohio brushing against some overgrown trees.
The dilapidated state of the electrical grid in the U.S. has drawn a lot of attention in the early months of Barack Obama’s presidency. His administration wants to build a smarter electrical grid that will track and compensate for power disruptions in real time and allow customers to better monitor their own (at times, profligate) energy consumption. Making the domestic power grid smarter will mean tying it to more computers, potentially leaving the whole infrastructure at greater risk, Schneier says, adding, however, that "if done well, a smart grid could be more reliable and safer” than today’s system.
This will not be easy. “The North American electric power system grid might be the most complex machine ever built,” says Massoud Amin, professor of electrical and computer engineering at the University of Minnesota and an expert on electrical grid security.
Schneier says, however, that “there’s actually some security in being a hulking relic of technology,” noting that modern computers with complex, porous operating systems, such as Windows, are more vulnerable to the malicious codes that cyber malefactors cook up—to wit, the pervasive Conficker virus that has infected some 15 million computers since November.
Cyber criminals have in fact targeted electrical grids before, Schneier says. In January 2008, CIA analyst Tom Donahue disclosed that extortionists had hacked into utilities outside the U.S. and had triggered a blackout affecting several cities. But Schneier is skeptical because many details of the particular case remain unconfirmed.
Schneier says that power company insiders remain a much bigger threat than espionage-bent countries. In perhaps the most famous example, a disgruntled man named Vitek Boden hacked into a sewage treatment plant in Maroochy Shire in eastern Australia in 2000. He triggered the release of hundreds of thousands of gallons (millions of liters) of raw sewage into parks and rivers—all because the facility wouldn’t hire him. Investigators who tracked the incident to Boden discovered that his laptop's “hard drive contained software for accessing and controlling the sewage management system,” according to The Register, an online U.K.-based technology newspaper.
Computer hacking, of course, is as old as the computer itself, and the electrical grid is far from the only major element of modern interconnected society that faces threats borne over the Internet. (Even the world's biggest particle accelerator isn't immune: some cyberpunks jacked into the Large Hadron Collider in September.)
The U.S. military, for instance, says that its information grid gets probed and even attacked millions of times a day, according to CBS News. Pentagon officials say they have spent $100 million in the past six months fighting cyber attacks and fixing network problems.
"The important thing is that we recognize that we are under assault from the least sophisticated—the bored teenager—all the way up to the sophisticated nation-state, with some pretty criminal elements sandwiched in-between," Air Force Gen. Kevin Chilton, head of U.S. Strategic Command, told CBS News.
Image Credit: iStockphoto / Pinopic
Tags:
computer hacking,
cyber warfare,
hacking the electrical grid,
energy security
More News Blog:
Next: Evidence builds that North Korea's launch was a missile test
Previous: FDA to review risky old medical devices
See what we're tweeting about
DNLee5 “@_praxis_: can we pas a law for mid day early after noon siestas” // YASSSS! DNLee5 Breaking down, registering for #NABJ conference...Can't start a revolution via proxy. (I may need to pass a hat around. Lol, tears)
beatricebiology Here's my new tactic for convincing you to buy my book!... http://t.co/GEuMhTG6Tr
Deadline: Jul 15 2013
Reward: $5,000 USD
SciBX: Science-Business eXchange, a joint publication from the makers
Deadline: Jun 30 2013
Reward: $1,000,000 USD
This is a Reduction-to-Practice Challenge that requires written documentation and&
Powered By: 
YES! Send me a free issue of Scientific American with no obligation to continue the subscription. If I like it, I will be billed for the one-year subscription.
3 Comments
Add CommentSolving the problems of the electrical grid is the most important infrastructure upgrade that is needed in this country. Without dependable electrical supplies everything STOPS!
Reply | Report Abuse | Link to thisRemember the cluster of power outages a number of years back, early 2000's? First CA, then New York, then France, then Italy...
Reply | Report Abuse | Link to thisIf this article on hacking interests you and you are currently researching new ideas to respond to the mounting challenges in cyber security you should take a look at the Global Security Challenge website: www.globalsecuritychallenge.com.
Reply | Report Abuse | Link to thisWe have just launched a new award (�9,000 GBP cash grant, mentorship and networking opportunity) for researchers and small companies developing new technologies in cyber security. The judging for this award will focus mainly on the disruptive potential of the technology and less on the idea's maturity. Entry is free and the closing date is 15 May 2009.