Electric Power Grid Hack Lights Up Cyber-Security Infrastructure Experts

By Roy Mark  |  Posted 2009-04-09 Print this article Print

Russian and Chinese hacks into the U.S. power grid infrastructure neither surprise nor panic cyber security experts. Sensational as it all sounds, some experts contend, the simple ability to map the electrical infrastructure is not the same as knowing how the system is operated or controlled.

News reports of Russian and Chinese spies hacking into the U.S. power grid and planting destructive malware for a later date is not as potentially threatening as it might sound, according to several cyber-security experts. While serious, they point out, both the White House and Congress are moving to pass tougher cyber controls and standards for electrical utilities.

At the White House,
spokesman Nick Shapiro told Reuters, "The president takes the issue of cyber-security very seriously, which is why he ordered a top-to-bottom review shortly after taking office." President Obama ordered his National Security and Homeland Security advisors Feb. 9 to conduct an immediate review of the U.S. government's cyber-security plans, programs and activities. The report is due in next few days.

Shapiro added the White House is not aware of "any disruptions to the power grid caused by deliberate cyber-activity here in the United States."

Homeland Security Secretary Janet Napolitano told reporters in an April 8 briefing, "The vulnerability is something that the Department of Homeland Security and the energy sector have known about for years."

Cyber-security experts agreed.

"This should be a surprise to no one. We all know there are a number of state and non-state actors pursuing U.S. intelligence and disruption activities," Cisco's Chief Security Researcher Patrick Peterson said in a statement. "Today's world is wired, and of course these groups have added electronic infiltration to their attack portfolio."

Gregory Reed, a professor of electrical and computer engineering in Pitt's Swanson School of Engineering and director of the school's Power and Energy Initiative, said the U.S. electrical grid vulnerability is widely known to foreign operatives but, at least at this point, the harm is minimal.

"The recent espionage won't reveal more than how the network is connected, and being able to map the infrastructure is not a threat without knowing how the system is operated and controlled," Reed said in a statement. "But this points out the risk of a smart grid and the need to better secure our energy system: It's good to have open access and consumer control in real time, but we're exposed if it creates entry points for hackers and terrorists."

Reed said the current reports suggest that the hackers did not infiltrate into the electrical grid control systems, but added, "If they can determine where critical facilities are located, how power is delivered, and where control systems are vulnerable, then the information could be used adversely."

In addition to the White House's pending national cyber-security review, Senate lawmakers introduced April 1 legislation calling for a widespread revamp of the country's cyber-security measures.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel