Homeland Security Watch

News and analysis of critical issues in homeland security

April 8, 2009

Beware of geeks bearing gifts

Filed under: Cybersecurity — by Philip J. Palin on April 8, 2009

This morning’s Wall Street Journal reports, “Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.”

UPDATEChinese deny intruding into US electrical grid and some experts claim it doesn’t matter much anyway.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

2 Comments »

Comment by William R. Cumming

April 8, 2009 @ 8:40 am

Assuming documentation for WSJ story exists should have explosive consequences for past administrations, the electrical industry and political oversight of cybersecurity. Oddly story is just in time for wind up of the Obama Adminstration cyber security review. So far little effort by industry to protect itself yet does not want governmental regulation or standards. I guess all the legs of the stool, government, industry, and public just hoping for the best. Try and live off-grid in any SMSA and you cannot do it successfully. Look at devastation in Kentucky and Missouri this past winter from ice-storms. Tough to live without electricity.

Comment by William R. Cumming

April 9, 2009 @ 8:55 am

My Virginia Edition of WAPO today picks up the same story. The Secretary DHS is reported to have flatly refused to comment on the North American Electric Reliability Corp. or perhaps it was a reported Pentagon statement or perhaps it was the letter to industry officials by Michael J. Assante, the NAER, Corp. Chief Security Officer. It is hard to know from the reporting what exactly the Secretary refused to comment upon.Then the article goes on to state that to her knowledge, no part of the U.S. electricity grid has been “compromised by a deliberate cyber attack.” Adding that the utility industry is “working all the time to detect cyber instrusions and to mitigate their impact, and clearly it’s function of the utilities, not the government–but we work with them.”
Let it be stated that none of this jives and who has been briefing the Secretary. Physical security of the grid has been an issue of national security for over two decades. No backup transformers or key parts for example and complete lack of watchfullness by FERC and DOE. After issuance of PCCIP report in fall 1997 cyber was certainly on the agenda but also that group, so-called “Marsh Commission” lobbied by utility industry not to look at system vulnerability. Now 12 years later enhancement of computer assisted control systems means even more likely that remote access can disrupt grid. Why does she keep trying to facily gloss over an issue that has existed for several decades and clearly whatever the work done the failure of federal standards and regulatory authority in this arena because of Congressional corruption should have been addressed by seeking more authority not arguing as leadership tends to do in both parties that it is someone else’s problem and the feds should just tag along. We (the feds) have done that for several decades and little to show for it given the Assante letter. Again the king has NO clothes. No wonder DOD is working so hard to make sure its bases, installations, and operations are self sufficient and not reliant on grid resiliency.

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>