U.S. Power Grid Being Hit With ‘Increasing’ Hacking Attacks, Government Warns

One can only imagine how much more the threat is multiplied because of the “patch and pray” culture America was warned about as early as 1998. Nobody in the industry cares until after the problem happens, then they stick a band-aid on it.

 

Potential to ‘take down’ U.S. power grids, water systems and other critical infrastructure

While experts have long signaled that the U.S. power grid and related systems are vulnerable to physical attacks by terrorists and other individuals, the U.S. government is now warning that sensitive computer systems that maintain the grid are increasingly being attacked, according to a Congressional Research Service (CRS) report that was not made public until the Federation of American Scientists (FAS) disclosed it this month.

These types of computer viruses are able to comb internal systems for private information in a clandestine manner; they can also be used to wrest control of certain computers away from their owners.

“In recent years, new threats have materialized as new vulnerabilities have come to light, and a number of major concerns have emerged about the resilience and security of the nation’s electric power system,” the report says. “In particular, the cyber security of the electricity grid has been a focus of recent efforts to protect the integrity of the electric power system.”

U.S. utility’s control system was hacked, says Homeland Security

(Reuters) – A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility’s operations were affected, according to the Department of Homeland Security.

DHS did not identify the utility in a report that was issued this week by the agency’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.

Has New York’s traffic light system been HACKED? Researcher claims to be able to control Manhattan traffic (and says the same technique will work around the world)

  • Researcher claims to be able to control light patterns in Manhattan
  • Says technique can be used in all major cities
  • Uses special $4,000 router to control traffic sensors embedded in roads

A security expert claims to have uncovered a major flaw in the traffic system in major cities around the world including London and New York.

Cesar Cerrudo, an Argentinian security researcher with IOActive, says he can control traffic lights and even reroute traffic.

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

For further information on SCADAs, please see the following Global Geopolitics entries that were ahead of the curve:

“Red Dragon Rising: Communist China’s Military Threat to America” from 1999 is a highly recommended read. The United States is more vulnerable than most people know, and has been for longer than most people would have thought.

Cyberspies linked to China’s military targeted nearly two dozen US natural gas pipeline operators over a recent six-month period, stealing information that could be used to sabotage US gas pipelines, according to a restricted US government report and a source familiar with the government investigation.

From December 2011 through June 2012, cyberspies targeted 23 gas pipeline companies with e-mails crafted to deceive key personnel into clicking on malicious links or file attachments that let the attackers slip into company networks, says the Department of Homeland Security (DHS) report.

The report does not mention China, but the digital signatures of the attacks have been identified by independent cybersecurity researchers as belonging to a particular espionage group recently linked to China’s military.

The confluence of these factors – along with the sensitive operational and technical details that were stolen – makes the cyberbreaches perhaps among the most serious so far, some experts say. The stolen information could give an adversary all the insider knowledge necessary to blow up not just a few compressor stations but perhaps many of them simultaneously, effectively holding the nation’s gas infrastructure hostage. Nearly 30 percent of the nation’s power grid now relies on natural gas generation.

“This theft of key information is about hearing the footsteps get closer and closer,” says William Rush, a retired scientist formerly with the Gas Technology Institute who chaired the effort to create a cybersecurity standard applicable to the gas pipeline industry.

“Anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could,” he adds. “I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.”

US plants hit by USB stick malware attack

Two power plants in the US were affected by malware attacks in 2012, a security authority has said.

In its latest quarterly newsletter, the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said “common and sophisticated” attacks had taken place.

Malware had infected each plant’s system after being inadvertently brought in on a USB stick, it said.

US Nuclear Power Plants May Be Totally Vulnerable To Hackers

BOSTON (Reuters) – The U.S. government is looking into claims by a cyber security researcher that flaws in software for specialized networking equipment from Siemens could enable hackers to attack power plants and other critical systems.

The Department of Homeland Security said in an alert released on Tuesday that it had asked RuggedCom to confirm the vulnerability that Clarke, a 30-year-old security expert who has long worked in the electric utility field, had identified and identify steps to mitigate its impact.

“If you can get to the inside, there is almost no authentication, there are almost no checks and balances to stop you,” Clarke said.

Marcus Carey, a researcher with Boston-based security firm Rapid7, said potential attackers might exploit the bug discovered by Clarke to disable communications networks as one element of a broader attack.

“It’s a big deal,” said Carey, who previously helped defend military networks as a member of the U.S. Navy Cryptologic Security Group. “Since communications between these devices is critical, you can totally incapacitate an organization that requires the network.”

The report on the RuggedCom vulnerability is among 90 released so far this year by ICS-CERT about possible risks to critical infrastructure operators. That is up from about 60 in the same period a year earlier, according to data published on the agency’s website.

Full article: US Nuclear Power Plants May Be Totally Vulnerable To Hackers (Business Insider)