In multiple incidents, unknown attackers breached the networks of utilities and disrupted the power to cities outside the United States, an analyst for the U.S. Central Intelligence Agency reportedly told attendees at a critical-infrastructure conference on Friday.
The attacks did not affect U.S. power companies nor the nation's cities, the analyst told attendees at the SANS SCADA Summit in New Orleans. The cases involved unknown attackers compromising a utilities company's network and then demanding ransom from the firm. In at least one case, the attack cause a power outage that affected multiple cities, the CIA analyst said, according to media reports.
"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands," senior CIA analyst Tom Donahue said, according to a statement posted by the SANS Institute, which hosted the conference. "We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
The makers of industrial control and monitoring systems -- of which the most well-known type is supervisory control and data acquisition (SCADA) systems -- have largely depended on the obscurity of the devices and software to keep the systems secure. SCADA system vendors have taken issue when security researchers have disclosed vulnerabilities. However, several incidents and demonstrations have convinced the U.S. federal government to focus on the threat to the nation's critical infrastructure.
The announcement marks a rare case of openness for the U.S. Central Intelligence agency. A spokesperson for the agency, which focuses on intelligence gathering and counterterrorism outside the U.S., refused to comment to the media.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos