Power plants, others face hackers — study
Posted: Monday, February 1, 2010 10:36 am
By: The Associated Press
The Messenger 02.01.10
By JORDAN ROBERTSON
AP Technology Writer
SAN FRANCISCO (AP) — More than half of the operators of power plants and other “critical infrastructure” say in a new study that their computer networks have been infiltrated by sophisticated adversaries.
In many cases, foreign governments are suspected.
The findings come in a survey being released Thursday that offers a rare public look at the damage computer criminals can do to vital institutions such as power grids, water and sewage systems and oil and gas companies. Manipulating the computer systems can cause power outages, floods, sewage spills and oil leaks.
The report was based on an survey completed by 600 executives and technology managers from infrastructure operators in 14 countries. The report was prepared by McAfee Inc., which makes security software, and the Center for Strategic and International Studies in Washington, which analyzed the data and conducted additional interviews.
The report comes as concerns are growing about state-sponsored hacking and threats to critical infrastructure.
In November, CBS’s “60 Minutes” reported several Brazilian power outages were caused by hackers — a report Brazilian officials have played down. Last April, U.S. government officials said spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service. The intrusions were discovered after electric companies gave the government permission to audit their systems.
In the report, 54 percent of respondents acknowledged they had been hit by “stealthy infiltration” of their networks. In such break-ins, criminals can plant malicious software to steal files, spy on e-mails and do even scarier things like remotely controlling equipment inside a utility.
Utilities are increasingly using mainstream software and connecting parts of operations to the Internet so technicians can service problems remotely. Both heighten risk of a hacker break-in.
The same percentage of respondents also said they have experienced large-scale “denial-of-service” attacks, in which a computer network is knocked out of service because of it is flooded with bogus Internet traffic.
, , ,