CIA: Hackers have already attacked the electric grid

CIA: Hackers have already attacked the electric grid

In the past week, there's been a good deal of publicity about security holes in the Smart Grid, making it a potential hacker's playground, as well as an entry point into enterprise networks. Here's more fuel for the fire: A year ago, the CIA claimed that hackers had invaded the networks of power utilities outside the U.S., causing power outages in several cities, and issuing extortion demands.
digg_url = ‘';

As I recently blogged, the security firm IOActive warns that the Smart Grid is vulnerable to the kind of attacks that have bedeviled Internet sites and ordinary users for years. These include "common security vulnerabilities such as protocol tampering, buffer overflows, persistent, and non-persistent rootkits and code propagation," the firm says.

A year ago at the the critical infrastructure SANS SCADA Summit in New Orleans, the CIA said that hackers had already hacked into the networks of power companies overseas. The site SecurityFocus reported:
The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said.
The attacks were launched via the Internet. Here's the full statement that the CIA official gave, according to the SANS Institute:
"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
The entire Smart Grid will be based on Internet technology, which means that it will be potentially more vulnerable that the existing grid to hackers.

SecurityFocus had an article saying that a significant vulnerability through which hackers can crawl may well be people's homes. The site noted that researcher Travis Goodspeed, who discovered the Smart Grid vulnerabilities along with IOActive, has blogged about how easy it is to hack into devices that use the Zigbee wireless protocol. Home area networks that control home power consumption use Zigbee. You can read Goodspeed's blog post here.

All this is scary stuff. But it's good that it's coming out now, rather than after the grid is built. There are signs that the grid's security vulnerabilities are being taken seriously. For example, the National Science Foundation funds the Trustworthy Cyber Infrastructure for the Power Grid (TCIP). TCIP is a venture using the brainpower of researchers from the University of Illinois at Urbana-Champaign, Cornell University, Dartmouth College, and Washington State University. Its goal, according to its Web site, is to "protect the nation's power grid by significantly improving the way the power grid infrastructure is built, making it more secure, reliable, and safe."