CIA Claims Cyberattacks At Fault In Blackouts

from the now-they-tell-us dept

A few years back, after a major blackout hit the northeast, many people immediately assumed that it had something to do with a terrorist attack on the electricity system or perhaps a computer worm/cyber attack. It turned out to be neither, but it wasn’t that surprising that people jumped to that conclusion. However, afterwards, people began discussing how likely it was that a cyberattack really could take out the power grid for a city, and some people felt that it was fairly unlikely to occur. The CIA, apparently, would disagree. Late Friday, a CIA official claimed that cyberattacks have been to blame for certain blackouts over the past few years, and that the agency had debated whether or not to release that information publicly. Of course, without much in the way of detail, it’s difficult to have any sense of what’s actually happening here and how accurate the information really is. However, we will repeat what we said after that huge blackout: even if it was a cyberattack, it wasn’t particularly damaging. Yes, it was an inconvenience. And, yes, it was annoying, and some businesses were temporarily hurt due to the blackout. But, compared to other types of attacks, shutting off the power certainly seems relatively minor.

Filed Under: , , ,
Companies: cia

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “CIA Claims Cyberattacks At Fault In Blackouts”

Subscribe: RSS Leave a comment
Whoa says:

Re: I would like to know

“Cyberattack” does not necessarily imply internet accessibility. Utilities typically don’t have their SCADA systems open to the internet, although many lease bandwidth from public carriers for the communications links between the substations and the network operations center.

These communications links can be compromised, just as phone lines can be tapped. Indeed some utilities use telephone lines as a very low bandwidth link to the substations.

There is a lot of work being done to address these concerns, and the North American Electric Reliability Corporation has issued Critical Infrastructure Protection guidelines that the utilities are moving to implement.

Eric the Grey says:

Re: I would like to know

It’s called remote support. If the system has problems during the night, support people can connect from home and fix the problems more often than having to drive in. Doing so could have the system working again in much less time that way.

I don’t know about you, but if the power went out due to a systems problem that could be solved this way, and due to lack of any remote access, we had to wait an extra 40 min for support to get up, get dressed, and drive into the plant to fix the problem, I’d go with the remote access, especially this time of year.


Iron Chef says:

Good God, Mike. What happened to make TechDirt turn into some sort of Government Conspiracy site? I have absolutely no insight or comments to the previous two weeks of posts.

So I ask, what’s going on in business? What companies may be looking at collaboration? Maybe working together with advisaries? UUUGH!

If you end the week on this, I don’t know man…

Anonymous Coward says:

Re: Re:

Check more often than once a night on your Google homepage man. This week has had more ‘conspiracy’ theory evoking stories (usually from asinine comment posters) than the last few, but the majority of the stories HAVE been business related.

And unlike some blog viewers, I don’t mind the volume of copyright/IP stories. It’s a shame that there ARE that many, but I’m not looking at this site for entertainment like some others are.

Overcast says:

Good God, Mike. What happened to make TechDirt turn into some sort of Government Conspiracy site? I have absolutely no insight or comments to the previous two weeks of posts.

No… it’s just that the crap the government’s serving up has become so bad, it’s almost impossible to ignore it, unless you intentionally bury your head in the sand anymore.

Anonymous Coward says:

This is complete bullshit. No cybercrime was responsible for the power being shut down. If it was, then why the hell wasn’t a really large section of the grid shut down, just like in that really huge blackout a few years ago. It’s just more fear mongering by the government. Just watch, in a few months they’ll try to pass a bill and tell us all some garbage like “If you don’t register all computer hardware with us, then terrorists could shut down the power”.

methylamine says:

Re: Re: mkam LOL "freedom haters"

Indeed, LOL! That old chestnut, “they hate us because we’re free” is such a joke on both levels. We haven’t been free since the early 1900’s, and they hate us because WE F****** INVADE THEIR COUNTRIES all the time!

Yeah, I’d be planting IED’s if China occupied us for five years.

Scott Carpenter (user link) says:

I’m in Minneapolis, MN, where it is -14F this morning. In this situation, I disagree that power outages are a “relatively minor” threat.

(That’s to say nothing about how worried I am about terrorist or other sources of attacks on the grid. If these systems are accessible to the Internet, this is a problem, because people rarely do security very well.)

Anonymous Coward says:

Its not just the power grid thats a problem, think of all the systems, the healthcare systems, the traffic systems, air traffic control.

What happens when credit cards don’t work, ATM’s don’t work, banks can’t access accounts? What happens if the monitary system breaks down.

To say it is not an issue is just burying your head in the sand.

LJSeinfeld (profile) says:

Gov't Phishing Expedition

Now, I don’t normally wear my tinfoil hat in public.. but this sounds more like another “opener” for the government to delve/data-mine their way even deeper up the collective citizenry’s ass than any kind of REAL threat.

As far as the hospitals, and other major infrastructure goes…the have (or freakin’ better have) their own back up generators on site (hospitals do for sure).

The monetary system was “broken down” many, many years ago… to think it isn’t is ostrich-like as well.

Teilo says:

Re: Gov't Phishing Expedition

You are partly right. What this really is about is spreading fear, and the myth of cyber terrorism. The reason is simple: They want complete control of the information that passes over the net, and they want you to willingly give it to them.

They already monitor nearly 100% of it. Now they want to be able to control/filter/censor it in the name of national security. They want to end the free flow of information.

The CIA is just a foot soldier in a greater endgame. If you believe anything official coming out of the CIA, you are painfully ignorant of the history of this rogue organization.

This isn’t about fighting terrorism. It is about ending personal liberty.

And please, don’t buy into the “Get out the word” BS ala Alex Jones, JBS, [your conspiracy freak group here], etc. The powers that be don’t care who knows what their endgame is. They WANT you to know, because when you do nothing as they steal all your liberty and dignity, you will be doubly enslaved. That is, you will not only be a prisoner, but a willing one, too in awe of the power of your slavemasters to resist.

Study history. Think deeply. Free your mind. It may be the only free thing you have left.

Ahh! Ain’t ranting great?

Overcast says:

Now, I don’t normally wear my tinfoil hat in public.. but this sounds more like another “opener” for the government to delve/data-mine their way even deeper up the collective citizenry’s ass than any kind of REAL threat.

Yeah, you know – I was a pretty rock solid republican up until late. Now, I think I see it more clear. It’s basically one political party with two ‘wings’. While they all drink their liquor, watch thier stocks rise sharply, play golf, rent hookers, bang interns… they sit and laugh at how they have duped the public.

For 9800 years – at least in human history it has been common knowledge that government is corrupt, yet for the last few years they have been able to convince people they are benign and only out for our own interests. I’m not so sure human nature and the lust for power have changed any over all those years, human nature is basically the same. Consider… what does it take mentally and emotionally for one to *want* to be in politics for years and years and make a career out of it. I’m sure a few are really there for the people, but I suspect it’s the minority.

Anonymous Coward says:

Attacks on Natoheadquarter frankfurt + attack in U

Dear sirs,
There have been attacks on the electricity systems by a Russian flying ship, 300 meters long.-
They wanted to control europe or the world by blackouts and they were capturing all dates of electricity during their fatal attacks.
A native American named Edward Toothaker, drawn soldier in FFF HQ has been attacked on poth events.-
Me too.There were swines on board and they blackmailed me wether to be eaten by the swines or drink a whole bottle of Vodka.- Dr. Fink from Marburg Germany.
Please send a special unit of antiterroristic hegh classed special soldiers to overcome the local snakehead Klaus alias Uwe Paehr,3, steinweg 35037 Marburg.-Here is Local Bridgehead of easter mafia AND EASTERN SPY RING WITH 127 SECRET SERICES WORKING AGAINST ME. pLEASE HELP ME OUT , iNEED SOMME SURGERIES FOR MY SPINE.-


Anonymous Coward says:

Re: Re:

If you were laying in an ICU on life-support I’d bet you would feel a blackout was a relatively major event.

Gee, maybe that’s why ICU’s have backup power. Any number of thing can disrupt the power grid, from squirrels to traffic accidents to storms to random equipment failure. Relying on the the power grid for life support would be a stupid thing to do.

Thom says:

I forsee that

Power companies will be applying for several billion dollars in Homeland Security grants to help upgrade and secure their networks. Because of the “severity” of the threat, this funding will be approved and the monies distributed to a handful of firms with close ties to the current administration.

Bend over taxpayers, you voted in a bunch of azzrapers, you’ve been getting it for 8 years, and just for jollies they’re gonna give it to you one more time on their way out.

Just Me says:


“Because hospitals never have backup generators. And they defiantly don’t have any sort of manual backup for respirators.”

A few hours is one thing but on-site generators typically don’t last indefinitely.
In the event of a prolonged attack, or coupled with other forms of attack it could be a very serious threat.

I think it is silly to dump some ridiculous sum at the issue – a few well-trained IT staffers who’s only focus is security would cut it. Unfortunately those of us in IT know that that is rarely the case; you either have a million other tasks to oversee or you’re grossly understaffed.

Anonymous Coward says:

Re: Backups

A few hours is one thing but on-site generators typically don’t last indefinitely.

Nothing lasts forever. So what? They can certainly last long enough. They can refueled as needed and there are usually even redundant generators to allow maintenance to be performed wile maintaining power. They could go for years if they needed to.

cyber defender says:

Assume it was an attack...

Terrorists often execute small tests to learn about responses and respondent capabilities. What if this was just a test to learn more? Even cyber terrorists are human and learn something out of every exercise.

When the electric grid and other electric-driven public infrastructure go out AND STAY OUT then people will take it very seriously (and it will by then be too late to do anything).

IMHO The wisest course of action is to assume it was a real attack and deal with it accordingly.

Keith Moon says:

Won't be fooled again.

This is utter rubbish. It’s a weak attempt at increasing the gov’s control and taxing authority by cashing in on more Y2K type hysteria. Sounds like the cyber-terrorism budget was about to be slashed – as it rightfully should be. If the CIA has to decide whether or not they can publicize an event, it never happened. It’s as simple as that. Please ball up your tin foil hats and go home.

Just Me says:


“Sounds like the cyber-terrorism budget was about to be slashed”
In all honesty I could really see that.
I don’t know a lot about the inner workings of the CIA budget but I know a lot of other gov agencies in many places use that sort of thing keep the money coming in; haven’t spend 1/4 of this years budget – oh well better buy some new hardware or next year they’ll cut us by 1/4.
Cyber-terrorism not a serious enough threat – oh well did we forget to mention that there have been cases of power outs? Ya, that was a cyber attack. Can’t say when or where tho – national security and all.

Anonymous Coward says:

Re: hmm

Hey, that goes for any organization… I used to work for a nonprofit that purposefully mangled some of its landscape to convince the city that they needed more money to fix things up.

And I wouldn’t believe for a minute that there was one organization, regardless of affiliation, that wouldn’t do that if the leaders thought it might work.

YUP says:


can u say S.N.M.P. ?
v1 OR v2 with Hp default OpenView Password
yup stupid
but some where also just *mistakes* as well
the report came from the agency with the WMD reports

its much better now
heightened awareness

i work with some network aspects within utilities;
there just wasn’t the awareness that the Utilities have oday

also some of those smaller operators should have been
regulated tightly; some employees were their own worst enemy

Yup says:

Re: HoW?

sorry for spelling mistakes – its late
i lived thru the big one in the east
I recall the actual Ontario Hydro Incident Report
as a Vendor with access to the NOC;
there were many fingers pointing and it came
down to poor management of the control system;
human error

dont be so quick to blame cyber-terrorism
but dont discount that possibility either

three letter agency gave us the false-positive
on WMD’s in Iraq so….

Anonymous Coward says:

Re: coincidence?

They probably already are monitoring all internet activity. Basically, anything that’s unencrypted is like sending a postcard. It’s public and in plain view.

If you really care about your privacy, you should encrypt all your communications. Last I checked, almost every website supports SSL and encrypted email is trivial with most mail clients.

Anonymous Coward says:

You really have no clue. You think its just the power grid at risk? No power, no water, no gas, no oil, no access to money, then what.

Its not just the power, what happens when the diagnostics in a hospital don’t work? What happens when stores can’t make transactions. What happens when Wall Street is shut down.

Did you know that the trading system that the NASDAQ uses resides on computers owned by a foreign company? Yeah, go stick your head in the sand and believe that you are safe. Thank god there are people out there trying to do something about it.

Anonymous Coward says:

And what happens when the public degenerates into a mass too fucking stupid to see what’s actually happening? Can you imagine that? Imagine, all scientific and social progress is halted because everyone’s too scared of the “evil ones”. Imagine, chemistry is made illegal because it is “too dangerous”. All mail must be read because it might support terrorism. The fourth and fifth amendments disappear in order to “keep you safe”. (I’ll explain this because you’re probably too stupid to actually know what those are. The fourth amendment is the protection from unlawful searches and seizures. The fifth amendment states that no man shall be required to bear witness against himself.)

Now, if you’re done with your fear mongering, I’d like to make sure that I actually have some freedom left at the end of the day.

O'Grady says:

Somewhere in the middle...

The truth is nearly always found somewhere between the extremes. Trouble is, no one believes their point of view is extreme. Unfortunately most conspiracy theories, in addition to containing a disappointing lack of evidence, invariably employ circular logic: “there’s no evidence of the conspiracy because it’s a conspiracy.” So, we are to take on faith what we cannot see, trusting that we are being deceived. Ironically, this is the same position most conspiracy theorists charge the power establishment with taking: “a terrorist conspiracy is working against us, but of course you can’t see it, because it’s a conspiracy.”

sunfish says:

where are the good journalists in this equation

What I find most intriguing about the CIA power grid conspiracy lies in the dichotomy of opinions. We have the news agencies reporting the event without any critical commentary on whether or not it is “a conspiracy” while the technical blogs that I have visited all place emphasis on the unlikelihood that the cyberattacks are valid.

One would have thought that there would be something or someone out there (journalist) who simply searched through newspaper databases in multiple languages to see where power outages affecting multiple cities had occurred on a single grid.

If anyone can point me to a single story or blog which has actually attempted to verify either side of the coin I would be most appreciative.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...