CIA Claims Cyber Attackers Blacked Out Cities
Dotnaught writes to tell us InformationWeek is reporting that the CIA admitted today that recent power outages in multiple cities outside the United States are the result of cyberattacks. "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
Where and When? (Score:4, Interesting)
Re:Where and When? (Score:3, Interesting)
Something smells. (Score:5, Interesting)
Now add the fact that the US Director of National Intelligence has indicated that he wants to obtain the ability to monitor all Internet traffic data [arstechnica.com]:
Contrast this with a second Ars article from yesterday, where the US Federal Energy Regulation Commission has just approved new security regulations [arstechnica.com] for the organizations (mostly private) that run the US electrical grid. Rather than blaming evil foreign hackers, Ars reports that:
This all just sounds like an excuse to install packet loggers everywhere.
(And it's not just the US authorities who want to lock down and control the Internet; the UK also recently indicated a desire to install censorship devices at the ISP level [theregister.co.uk]. Good luck with that.)
BS (Score:4, Interesting)
Re:Why not use air-gap firewalls? (Score:3, Interesting)
Microsoft, Linksys, Google, Yahoo
Re:Why are systems like this hooked onto the inter (Score:1, Interesting)
Individual production with such a backbone in place for backup instead of primary supplier would be far more secure and with renewable electrical generation it would be greener too. Selling excess to the grid distributors however has the potential to bring back the family farm, reduce city costs of dealing with wastes and so on.
IANEE, IANME, nor an English major as you probably already guessed from the weak sentence structure.
Re:Just in time... not how you think (Score:3, Interesting)
Re:Why are systems like this hooked onto the inter (Score:5, Interesting)
1. There may be situations where the systems need to be remotely administered, and using the Internet is a much, much cheaper way to facilitate this than deploying a completely private network infrastructure just for this purpose, which probably isn't very practical (for both physical and financial reasons).
2. pr0n browsing.
Option 2 may cut into their profits a bit though
I haven't read TFA yet, but an attack from the Internet should *never* happen to something as important as this.
Where I work, we have an In-Confidence network and some Protected stuff. Each level is ONLY allowed to connect to ONE level lower and then only via approved security mechanisms. So the In-Confidence can access the (Unclassified) Internet, but the Protected stuff can't talk to the Internet at all. Actually in our case we don't bother connecting the Protected stuff even to our In-Confidence network.
I would assume a power control system would be much higher security than In-Confidence (that's pretty low - any decent business should be at least that level in reality), and thus not allowed to talk to the Unclassified Internet.
This of course is for Government networks. The US power companies (as are most in Australia) are privately owned, so they don't have to worry about such trivial things as security rules.
On a side note, I'm constantly amazed at the expectation of vendors and PHBs that we will automatically open up our network so that some stray vendor can remotely debug their dodgy application. Yeah, sure, we'll let you in from your totally unknown network that has who knows what security holes and stuff going on inside it to access our server(s) with elevated privileges. Especially when everyone working in our IT department has gone through a security clearance, and they have whoever they snagged off the street.
Actually I've just had a look at TFA, and it doesn't have any sort of details on what / where (not USA) / when (well vaguely - recently) / why (profit ???) / how these attacks occurred.
Re:Why are systems like this hooked onto the inter (Score:2, Interesting)
Everything I said is hearsay and might be wrong from bad memory, but I do know that somebody who knows about this stuff says it isn't all it's cracked up to be.
I don't think so (Score:5, Interesting)
Re:OOB management isn't a panacea (Score:2, Interesting)
This is a real risk (Score:3, Interesting)
There is always a balance between cost and protection and it's easy to cut back the costs, since the risks are very hard to weigh. Many companies calculate with a certain amount of downtime caused by "unforeseen" events. What's in this category also depends on the amount of money put into the security bag. They are just comparing the agreements with their customers and the cost for protection and are figuring out that "OK, we can allow to have a day or more downtime without violating our customer agreements".
It's all about money, but sometimes you may think that there are people as mean as Marwin Meathead [hermanhedning.com].
Re:OOB management isn't a panacea (Score:4, Interesting)
It's been a looooong time since companies were interested in the best possible solution, these days when something like only making a 25% profit instead of a 27% profit can cause emotional investors to dump your stock, dropping the price, and causing your company a loss of net worth in the millions, they're mostly interested in just spending the least amount that they can.
Re:Why are systems like this hooked onto the inter (Score:3, Interesting)
I really liked the last paragraph in the article:
Windows + wifi + scada + power_grid = fun_and_games
Re:Why are systems like this hooked onto the inter (Score:3, Interesting)
My developers gave up on that a long time ago. Now, whenever the end user asks for live assistance, or in any one of a number of error conditions, we spawn off an ssh tunnel from the customer site to our mothership server, send the error/status report, and leave the thing open for three days.
Yeah, we snag customer care techs off the street, it's true. But your security-cleared IT personnel install whatever we ship as root if we tell them to in the readme. I'm not trying to scare or insult you or act macho. It's pathetic that we could arrange to expose the networks of dozens of Fortune 500 companies. But realistically, if someone calls up and can't figure out what our software did with their tax information, it's a lot quicker to tunnel in and look at the logs than it is to walk them through the myriad of possibilities on the phone.
Why should anyone believe them? (Score:2, Interesting)
HI! We are the US's Professional Lying Team! (Score:3, Interesting)
We also have secret wars, illegal financing, blackmail, brainwashing, manipulation of the press, assassination, extra-judicial surveillance, detention and punishment. What'd I leave out? Oh, yeah! "Harsh Interrogation". That's just "torture" between us. But I digress. The mainline business is lying - it's like the life-blood of the other operations.
Now trust us on this one: The Internet is extremely dangerous.
Really. You'll have to get on board with us over this one, as we begin to curtail the Internet. I know it's a useful tool for communication. But we'll all have to live with censorship, spying and blockage, to stop an Internet 9/11.
It is most important that you associate political speech and action on the Internet with suspicious motive - even with predilection for terror. We will develop this theme over the next few years, so stay tuned - and stay safe.
Trust us. Would we lie to you?
Re:Why are systems like this hooked onto the inter (Score:3, Interesting)
I've also gotten the impression that this is something that the CIA themselves may have done on other occasions.
Re:I don't think so (Score:1, Interesting)