RealTime IT News

U.S. Electricity Grid Compromised - Page 2

Will the industry respond?

LogRhythm's Knight said that the industry's self-regulatory body, the North American Electric Reliability Corporation (NERC), has the authority to levy fines of up to $1 million per day, but added that the NERC standards only require minimum security levels.

NERC claimed in a statement today that there have been no actual reported security incidents and said that the industry takes the issue seriously and is working on it. "Though we are not aware of any reports of cyber attacks that have directly impacted reliability of the power system in North America to date, it is an issue the industry is working to stay ahead of."

The Journal story makes note of a document that is a warning from NERC to its energy industry member companies.

The warning notes that most security plans for the energy infrastructure assume that the threat is a natural one, attacking one element of the grid, and do not account for the possibility of a cyber attack hitting every element of the grid at once. Furthermore, says the note, many members are not in compliance with NERC standards -- and compliance audits will begin on July 1, 2009. NERC has a backlog of about 2,000 violations that it is currently processing.

Given a decade of warnings about the issues, those responsible will be eager to assign blame. "The 'I-told-you-so's' will start coming," said LogRhythm's Knight.

There's already some paranoia in the industry due to "red teaming" attacks in which benign entities test the strategies they anticipate will be used by hackers. After one such attack a year ago, in which a team harvested the names and addresses of key industry professionals from a Web site, a member of a SCADA listserv recommended that members avoid using their real names on the list.

As for the attack, Knight noted that infiltration is possible with standard malware technology, which is freely available to any tech-savvy government. He added that if any government has unknown technology that is capable of attacking the energy infrastructure, it will be used only once, because once used, it can be reverse-engineered. He said he talked to a member of the military who noted that some bad guys would love to shut down a military base without any loss of life, but that once you do so, you lose the element of surprise.

Knight added that because attackers can use simple malware, it will be difficult to tell whether a government conducted the attack or whether individuals were responsible.

Indeed, earlier this year, InternetNews.com reported that the Georgian government was never able to identify the relationship between the hackers who attacked it online and the Russian government with which it fought a war.

Inquiries to the U.S. Department of Homeland Security, the DC Embassy of the Russian Federation and the DC Embassy of China had not been answered at press time.