Spies 'infiltrate US power grid'

By Maggie Shiels Technology reporter, BBC News, Silicon Valley

Security experts say the technology protecting the grid has not kept pace

The US government has admitted the nation's power grid is vulnerable to cyber attack, following reports it has been infiltrated by foreign spies.

The Wall Street Journal (WSJ) newspaper reported that Chinese and Russian spies were behind this "pervasive" breach.

It said software had been left behind that could shut down the electric grid.

"The vulnerability is something [we] have known about for years," said US Homeland Security Secretary Janet Napolitano.

"We acknowledge that... in this world, in an increasingly cyber world, these are increasing risks," Ms Napolitano added.

She refused to comment on the WSJ story that an intrusion had taken place, but security experts said they were not surprised by the claims.

"There is a pretty strong consensus in the security community that the SCADA equipment, a class of technology that is used to manage critical infrastructure, has not kept pace with the rest of the industry," said Dan Kaminsky, a cyber security analyst and director of penetration testing for IOActive.

"Software for desktops and the internet have been dealing with the issue of security for the last 10 years, and that hasn't really come into the SCADA realm.

"From a geo-political standpoint, this has created an opening for skilled 'hostiles' to obtain a presence in places we would rather they didn't have one."

'Strategic thinking'

The WSJ reported that the intruders had not sought to damage the power grid or any other key infrastructure so far, but suggested they could change their approach in the event of a crisis or war.

A report last year said China had been accessing sensitive US databases

Security watchers said that, if true, the involvement of the Chinese and Russians in such a scenario would show they were strategically thinking about how either to constrain the US or to inflict more damage if they felt a need to do so.

"I think that China recognises if in a very strategic sense you want to ensure you have the ability to exploit another country's potential weakness or vulnerability, but do it in a way that isn't confrontational or cause an international crisis, then this is a very good way of doing that," Eric Rosenbach, of Harvard University's Kennedy School of Government's Belfer Center, told Reuters news agency.

The motives behind these potential attacks are undoubtedly military or political in nature, said Tim Mather, chief security strategist for the RSA Conference, the world's biggest security event.

He told the BBC: "These countries are not doing this willy-nilly. There is a tactical reason for all of this and no doubt tied to a longer term strategic plan which is gosh if they need to jerk the chain of the US, then this is the way to do it.

"This is like having an ace in the hole for the Chinese or Russians, just in case," said Mr Mather.

'Top-to-bottom review'

In the coming weeks, a government review of cyber security is due to land on the desk of US President Barack Obama.

"The president takes the issue of cyber security very seriously, which is why he ordered a top-to-bottom review shortly after taking office," said White House spokesman Nick Shapiro.

The Journal said intelligence officials brought the breaches to light

He added that the White House was not aware of "any disruptions to the power grid caused by deliberate cyber-activity here in the United States".

Mississippi Democratic Representative Bennie Thompson, chairman of the House of Representatives Homeland Security Committee, said he would introduce legislation to address weaknesses in the system.

"Our electric system is critical to our way of life, and we cannot afford to leave it vulnerable to attack. Our oversight indicates there is a significant gap in current regulation to effectively secure the infrastructure," he said.

The North American Electric Reliability Corp, the industry group with responsibility for grid reliability and security, said it was unaware of any cyber-attacks that had led to disruptions of service.

"NERC and industry leaders are taking steps in the right direction to improve preparedness and response to potential cyber threats. There is definitely more to be done," the group said in a statement.

"To date the number of people in the position to cause harm on SCADA has been thankfully relatively small," Mr Kaminsky told the BBC.

"But however small, it is big enough to be a problem and a problem that can potentially turn the lights out and cause economic harm to our country. The game is up," he said.

E-mail this to a friend

Printable version