China-Japan-Koreas
Chinese hackers behind US blackouts
2008-05-31
Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

One prominent expert told National Journal he believes that China’s People’s Liberation Army played a role in the power outages. Tim Bennett, the former president of the Cyber Security Industry Alliance, a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States. The intelligence officials said that forensic analysis had confirmed the source, Bennett said. “They said that, with confidence, it had been traced back to the PLA.” These officials believe that the intrusion may have precipitated the largest blackout in North American history, which occurred in August of that year. A 9,300-square-mile area, touching Michigan, Ohio, New York, and parts of Canada, lost power; an estimated 50 million people were affected.

A second information-security expert independently corroborated Bennett’s account of the Florida blackout. According to this individual, who cited sources with direct knowledge of the investigation, a Chinese PLA hacker attempting to map Florida Power & Light’s computer infrastructure apparently made a mistake. “The hacker was probably supposed to be mapping the system for his bosses and just got carried away and had a ‘what happens if I pull on this’ moment.” The hacker triggered a cascade effect, shutting down large portions of the Florida power grid, the security expert said. “I suspect, as the system went down, the PLA hacker said something like, ‘Oops, my bad,’ in Chinese.”

The power company has blamed “human error” for the incident.
Posted by: Nimble Spemble

#8  We could face similar issues with water treatment plants. The AWWA (American Water Works Assoc.) has developed standards to avoid and protect against these kinds of attacks against SCADA systems.
Posted by: Alaska Paul   2008-05-31 17:56  

#7  Supposed to be isolated. But rumor had it that some places wanted to have experts fix things remotely, or control remote sites simultaneously, and so skipped a few security steps. The only place I have any hard knowledge of locked things down fairly tightly last year and I don't know of any mission-critical holes. It is not a power company, though.
Posted by: James   2008-05-31 13:00  

#6  Although I guess you could hack in the really hard way.
Posted by: George Smiley   2008-05-31 12:47  

#5  SCADA circuits are normally isolated.
Posted by: George Smiley   2008-05-31 12:47  

#4  There have been severe SCADA security deficiencies in the power grid. Just sayin.
Posted by: OldSpook   2008-05-31 10:24  

#3  Musta been Chinnee Hackers, couldn'a been anyone in the companies involved, clean as a whistle. Chinnee Hackers, yep. SwampCabbageMan also played a minor role in the Florida case.
Posted by: George Smiley   2008-05-31 08:42  

#2  I blame the lawyers who worry about retaliatory actions. Their approach has been about as effective as multiple UN resolutions. First step is to plant viruses that when accessed activate, it doesn't have to be completely malicious, but it will tell us who opened it by its propagation. It will pinpoint within a 20kt range who needs our attention.
Posted by: Procopius2k   2008-05-31 08:28  

#1  Disturbing, if true. I don't understand why nets controlling infrastructure would be accessible from the public Internet in the first place. Never underestimate either the malicious intent of outsiders, or the stupidity of your own IT department.
Posted by: PBMcL   2008-05-31 00:55  
