Cyberspies Penetrate U.S. Electrical Grid, Leave Software That Could Disrupt System
April 8th, 2009Via: Wall Street Journal:
Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.
The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.
“The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”
The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”
Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.
Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”
Officials said water, sewage and other infrastructure systems also were at risk.
When asked whether Russian and Chinese intelligence agencies were simply returning the favor done to them by American intelligence agencies–as engineered by eastern European assets taking time off from flooding the earth with porno–American intelligence agencies responded, “No comment.”
My question would be: What the hell is the deal with putting critical infrastructure on the Internet?
I used to think that these sort of systems were controlled by ultra-reliable redundant hardware, but sometimes I suspect that at the core of it all is a Windows 98 machine with a busted fan running macros in an excel spreadsheet.
You mean Windows ME, don’t you? Probably running on a Toshiba Libretto plugged directly into an AC outlet.