Threat to the grid? Details emerge of sniper attack on power station

Newly reported details about a 52-minute sniper attack on a central California electrical substation last year are raising concerns from Capitol Hill and beyond, amid questions over whether it was the work of terrorists.

The April 16, 2013, attack had not been widely publicized until The Wall Street Journal reported new details in a story on Wednesday. The attack reportedly started when at least one person entered an underground vault to cut telephone cables, and attackers fired more than 100 shots into Pacific Gas & Electric’s Metcalf transmission substation, knocking out 17 transformers. Electric officials were able to avert a blackout, but it took 27 days to repair the damage.  Continue reading

Study Predicts More Frequent And Severe Blackouts In The Coming Years

A new assessment from a British and New Zealand research team has concluded that the worldwide electrical grid will suffer more frequent and significant outages if current trends continue.

In their report, which was published in the Social Space Scientific Journal, the two authors noted that nearly three quarters of American transmission lines are more than 25 years old. Continue reading

The Complex ‘Military-Style’ Raid on California Power Station Spooks U.S.

When U.S. officials warn about “attacks” on electric power facilities these days, the first thing that comes to mind is probably a computer hacker trying to shut the lights off in a city with malware. But a more traditional attack on a power station in California has U.S. officials puzzled and worried about the physical security of the the electrical grid–from attackers who come in with guns blazing.

Around 1:00 AM on April 16, at least one individual (possibly two) entered two different manholes at the PG&E Metcalf power substation, southeast of San Jose, and cut fiber cables in the area around the substation. That knocked out some local 911 services, landline service to the substation, and cell phone service in the area, a senior U.S. intelligence official told Foreign Policy. The intruder(s) then fired more than 100 rounds from what two officials described as a high-powered rifle at several transformers in the facility. Ten transformers were damaged in one area of the facility, and three transformer banks — or groups of transformers — were hit in another, according to a PG&E spokesman. Continue reading

Inside TAO: Documents Reveal Top NSA Hacking Unit

For more on SCADAs, please see the following previous posts:

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

UPDATE 3: U.S. probes cyber attack on water system

Security backdoor found in China-made US military chip

 

The NSA’s TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn’t budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410. Continue reading

Weekend Attacks on Arkansas’ Electric Grid Leave 10,000 Without Power; ‘YOU SHOULD HAVE EXPECTED U.S.

Another interesting factor in attacks on the U.S. critical infrastructure is the exploiting of SCADAS. It’s been evidenced quite a few times that these have been compromised.

Here is one such example: UPDATE 3: U.S. probes cyber attack on water system

More than 10,000 people in Arkansas were dumped into a blackout Sunday following an attack on that state’s electric grid, the FBI said today, the third such attack in recent weeks. In August, a major transmission line in the region, around Cabot, Ark., was deliberately cut.

The FBI said that two power poles had been intentionally cut in Lonoke County on Sunday, resulting in the outage.

The FBI said it would pay a $25,000 reward for information about the attacks.

And for good reason. The FBI suspects these attacks are linked with a third incident in September. Continue reading

Some US Utilities Say They’re Under Constant Cyber Attack

Several power utilities say they face a barrage of cyber attacks on their critical systems, a report by two Democratic lawmakers found echoing warnings from the Obama administration that foreign hackers were trying to bring down the U.S. power grid. Continue reading

U.S. On Alert for Nuclear Blast Overhead

Imagine, with the intelligence community being as slow as it already is, if there already are dozens of EMP satellites hanging over the continental United States waiting for the command to just fall out of the sky and send the nation back 200 years. There is no defense against that.

The concern is so great that U.S. officials who watch North Korea closely are continually monitoring the status of the North Korean “space launch vehicle,” whose status could suggest a pre-emptive nuclear strike against the United States.

They are aware of the three-stage missile North Korea launched last December that also orbited a “package,” which experts say could be a test to orbit a nuclear weapon that then would be deorbited on command anywhere over the U.S. and exploded at a high altitude, creating an EMP effect. Continue reading

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

For further information on SCADAs, please see the following Global Geopolitics entries that were ahead of the curve:

Red Dragon Rising: Communist China’s Military Threat to America” from 1999 is a highly recommended read. The United States is in more vulnerable than most people know, and longer than most people would have thought.

Cyberspies linked to China’s military targeted nearly two dozen US natural gas pipeline operators over a recent six-month period, stealing information that could be used to sabotage US gas pipelines, according to a restricted US government report and a source familiar with the government investigation.

From December 2011 through June 2012, cyberspies targeted 23 gas pipeline companies with e-mails crafted to deceive key personnel into clicking on malicious links or file attachments that let the attackers slip into company networks, says the Department of Homeland Security (DHS) report.

The report does not mention China, but the digital signatures of the attacks have been identified by independent cybersecurity researchers as belonging to a particular espionage group recently linked to China’s military.

The confluence of these factors –  along with the sensitive operational and technical details that were stolen – make the cyberbreaches perhaps among the most serious so far, some experts say. The stolen information could give an adversary all the insider knowledge necessary to blow up not just a few compressor stations but perhaps many of them simultaneously, effectively holding the nation’s gas infrastructure hostage. Nearly 30 percent of the nation’s power grid now relies on natural gas generation.

“This theft of key information is about hearing the footsteps get closer and closer,” says William Rush, a retired scientist formerly with the Gas Technology Institute who chaired the effort to create a cybersecurity standard applicable to the gas pipeline industry.

“Anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could,” he adds. “I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.Continue reading

Chinese Army Unit Is Seen as Tied to Hacking Against U.S.

Headquarters building of PLA Unit 61398

On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a People’s Liberation Army base for China’s growing corps of cyberwarriors.

The building off Datong Road, surrounded by restaurants, massage parlors and a wine importer, is the headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence — confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years — leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.

An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area. Continue reading

Auditor warns Canada lagging on cyber security

Canada “has been slow” to set up firewalls to protect against cyber threats to critical infrastructure, leaving the nation vulnerable to crippling attacks, the auditor general warned Tuesday.

In a report, Auditor General Michael Ferguson said the government has made only “limited progress” over the past decade to safeguard electrical grids, telecommunications infrastructure, banking systems, manufacturing and transportation, as well as its own computers. Continue reading

Iranian Cyber Attacks Step Up

The Iranian government recently conducted a major cyber attack on a major U.S. financial institution that a military intelligence report said is a sign Tehran is waging covert war against the West.

The cyber attack was not successful but was one of several Iranian-backed electronic strikes detected in recent months that highlights the growing threat from Tehran, a major backer of international terrorism, according to a recent report by the Joint Staff intelligence directorate, known as J-2.

No other details were available on the previously undisclosed attempted Iranian financial cyber attack.

A Joint Staff spokesman declined to comment.

In the past, China and Russia were singled out as major nation-state cyber threats, using their militaries and intelligence services to conduct sophisticated cyber-espionage and preparation for future cyber sabotage in a conflict.

Now, Iran is emerging as a strategic threat to U.S. cyber systems that control critical infrastructure such as military systems, financial networks, communications, the electrical power grid, transportation networks, and other vital functions.

“They’re technically proficient, well-funded, and have placed a top priority on cyber defense and offense thanks in large part to the high number of sophisticated malware discovered on their oil and energy networks,” said Jeffrey Carr, a cyber warfare specialist.

Full article: Iranian Cyber Attacks Step Up (Washington Free Beacon)

10 Ways Attacking Iran Could Destroy The United States

The website itself is a crock, but the list is really worth considering. Here’s number eight:

8) Sleeper Agents Launch A War Along US Mexico Border

According to the US Congress, quoting US intelligence officials, Iran has set up an elaborate gun smuggling network within Mexico and has used Hezbollah to infiltrate the Mexican Drug Cartels. After the United States attacks Iran these agents quickly launch attacks along the Mexico border. The cartels are more than happy to provide foot soldiers for the war because instability means more drugs entering the United States and more profits.

Soon a sophisticated network of Hezbollah narcotunnels along the border are used to wage attacks on several US law enforcement and civilian control agencies. The resulting turmoil also weakens the agencies inside of Mexico fighting the cartels with the assistance of the US. Soon the destruction of various targets along the border bring the entire area under the control of the drug cartels and Iranian Hezbollah agents and the entire US Mexico border turns into an uncontrolled war zone.

Full article: 10 Ways Attacking Iran Could Destroy The United States (Hamsayeh)