Page last updated at 02:30 GMT, Thursday, 9 April 2009 03:30 UK

Spies 'infiltrate US power grid'

By Maggie Shiels
Technology reporter, BBC News, Silicon Valley

Electricity pylons
Security experts say the technology protecting the grid has not kept pace

The US government has admitted the nation's power grid is vulnerable to cyber attack, following reports it has been infiltrated by foreign spies.

The Wall Street Journal (WSJ) newspaper reported that Chinese and Russian spies were behind this "pervasive" breach.

It said software had been left behind that could shut down the electric grid.

"The vulnerability is something [we] have known about for years," said US Homeland Security Secretary Janet Napolitano.

"We acknowledge that... in this world, in an increasingly cyber world, these are increasing risks," Ms Napolitano added.

She refused to comment on the WSJ story that an intrusion had taken place, but security experts said they were not surprised by the claims.

"There is a pretty strong consensus in the security community that the SCADA equipment, a class of technology that is used to manage critical infrastructure, has not kept pace with the rest of the industry," said Dan Kaminsky, a cyber security analyst and director of penetration testing for IOActive.

"Software for desktops and the internet have been dealing with the issue of security for the last 10 years, and that hasn't really come into the SCADA realm.

"From a geo-political standpoint, this has created an opening for skilled 'hostiles' to obtain a presence in places we would rather they didn't have one."

'Strategic thinking'

The WSJ reported that the intruders had not sought to damage the power grid or any other key infrastructure so far, but suggested they could change their approach in the event of a crisis or war.

US government computer
A report last year said China had been accessing sensitive US databases

Security watchers said that, if true, the involvement of the Chinese and Russians in such a scenario would show they were strategically thinking about how either to constrain the US or to inflict more damage if they felt a need to do so.

"I think that China recognises if in a very strategic sense you want to ensure you have the ability to exploit another country's potential weakness or vulnerability, but do it in a way that isn't confrontational or cause an international crisis, then this is a very good way of doing that," Eric Rosenbach, of Harvard University's Kennedy School of Government's Belfer Center, told Reuters news agency.

The motives behind these potential attacks are undoubtedly military or political in nature, said Tim Mather, chief security strategist for the RSA Conference, the world's biggest security event.

He told the BBC: "These countries are not doing this willy-nilly. There is a tactical reason for all of this and no doubt tied to a longer term strategic plan which is gosh if they need to jerk the chain of the US, then this is the way to do it.

"This is like having an ace in the hole for the Chinese or Russians, just in case," said Mr Mather.

'Top-to-bottom review'

In the coming weeks, a government review of cyber security is due to land on the desk of US President Barack Obama.

"The president takes the issue of cyber security very seriously, which is why he ordered a top-to-bottom review shortly after taking office," said White House spokesman Nick Shapiro.

Light bulb
The Journal said intelligence officials brought the breaches to light

He added that the White House was not aware of "any disruptions to the power grid caused by deliberate cyber-activity here in the United States".

Mississippi Democratic Representative Bennie Thompson, chairman of the House of Representatives Homeland Security Committee, said he would introduce legislation to address weaknesses in the system.

"Our electric system is critical to our way of life, and we cannot afford to leave it vulnerable to attack. Our oversight indicates there is a significant gap in current regulation to effectively secure the infrastructure," he said.

The North American Electric Reliability Corp, the industry group with responsibility for grid reliability and security, said it was unaware of any cyber-attacks that had led to disruptions of service.

"NERC and industry leaders are taking steps in the right direction to improve preparedness and response to potential cyber threats. There is definitely more to be done," the group said in a statement.

"To date the number of people in the position to cause harm on SCADA has been thankfully relatively small," Mr Kaminsky told the BBC.

"But however small, it is big enough to be a problem and a problem that can potentially turn the lights out and cause economic harm to our country. The game is up," he said.

Print Sponsor

What makes a cyber criminal?
19 May 08 |  Americas
Obama begins cybersecurity review
10 Feb 09 |  Technology
Google and GE in energy deal
18 Sep 08 |  Technology
Cybercrime threat rising sharply
31 Jan 09 |  Davos 2009
China spying 'biggest US threat'
15 Nov 07 |  Americas
US warned of China 'cyber-spying'
20 Nov 08 |  Asia-Pacific
Firms demand aid on hi-tech crime
03 Nov 08 |  Technology
EU to search out cyber criminals
01 Dec 08 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific