CIA Claims Cyberattacks At Fault In Blackouts
from the now-they-tell-us dept
A few years back, after a major blackout hit the northeast, many people immediately assumed that it had something to do with a terrorist attack on the electricity system or perhaps a computer worm/cyber attack. It turned out to be neither, but it wasn’t that surprising that people jumped to that conclusion. However, afterwards, people began discussing how likely it was that a cyberattack really could take out the power grid for a city, and some people felt that it was fairly unlikely to occur. The CIA, apparently, would disagree. Late Friday, a CIA official claimed that cyberattacks have been to blame for certain blackouts over the past few years, and that the agency had debated whether or not to release that information publicly. Of course, without much in the way of detail, it’s difficult to have any sense of what’s actually happening here and how accurate the information really is. However, we will repeat what we said after that huge blackout: even if it was a cyberattack, it wasn’t particularly damaging. Yes, it was an inconvenience. And, yes, it was annoying, and some businesses were temporarily hurt due to the blackout. But, compared to other types of attacks, shutting off the power certainly seems relatively minor.
Filed Under: blackouts, cia, cyberattacks, cyberterrorism
Companies: cia
Comments on “CIA Claims Cyberattacks At Fault In Blackouts”
I would like to know
Why it is so damned important to have the power grid internet accessible?
This is really insane.
But then, so are a lot of other dumbass ideas.
Re: I would like to know
Why are things which should be secure connected to the internet?
It’s not just the power grid. There are many similar bad ideas.
Re: I would like to know
“Cyberattack” does not necessarily imply internet accessibility. Utilities typically don’t have their SCADA systems open to the internet, although many lease bandwidth from public carriers for the communications links between the substations and the network operations center.
These communications links can be compromised, just as phone lines can be tapped. Indeed some utilities use telephone lines as a very low bandwidth link to the substations.
There is a lot of work being done to address these concerns, and the North American Electric Reliability Corporation has issued Critical Infrastructure Protection guidelines that the utilities are moving to implement.
Re: I would like to know
It’s called remote support. If the system has problems during the night, support people can connect from home and fix the problems more often than having to drive in. Doing so could have the system working again in much less time that way.
I don’t know about you, but if the power went out due to a systems problem that could be solved this way, and due to lack of any remote access, we had to wait an extra 40 min for support to get up, get dressed, and drive into the plant to fix the problem, I’d go with the remote access, especially this time of year.
EtG
Re: Re: I would like to know
It’s called remote support.
First, even if possible, that wouldn’t require being connected to the internet.
Second, power grid problems are usually due to equipment problems that can’t be fixed sitting at home in your jammies.
Good God, Mike. What happened to make TechDirt turn into some sort of Government Conspiracy site? I have absolutely no insight or comments to the previous two weeks of posts.
So I ask, what’s going on in business? What companies may be looking at collaboration? Maybe working together with advisaries? UUUGH!
If you end the week on this, I don’t know man…
Re: Re:
Check more often than once a night on your Google homepage man. This week has had more ‘conspiracy’ theory evoking stories (usually from asinine comment posters) than the last few, but the majority of the stories HAVE been business related.
And unlike some blog viewers, I don’t mind the volume of copyright/IP stories. It’s a shame that there ARE that many, but I’m not looking at this site for entertainment like some others are.
Re: Re: Re:
Just give me something that is at least two degrees away from some sort of a conspiracy… That’s all I ask.
Re: Re: Re: Re:
Iron Chef, you want fewer conspiracy stories? Then go live in a country that’s not run by rich and powerful conspirators.
Re: Re: Re: Re:
I don’t understand. Some CIA guy stands up and says, yeah, power has been taken offline by some hackers, and all of a sudden it’s a conspiracy?
I fail to understand how it is a conspiracy other than in your head.
And electic companies jack up the prices for “security.”
The site is about issues related to technology. Naturally that often involves business, but how is it that that needs to preclude all other types of stories?
It's Bullshit
Good God, Mike. What happened to make TechDirt turn into some sort of Government Conspiracy site? I have absolutely no insight or comments to the previous two weeks of posts.
No… it’s just that the crap the government’s serving up has become so bad, it’s almost impossible to ignore it, unless you intentionally bury your head in the sand anymore.
This is complete bullshit. No cybercrime was responsible for the power being shut down. If it was, then why the hell wasn’t a really large section of the grid shut down, just like in that really huge blackout a few years ago. It’s just more fear mongering by the government. Just watch, in a few months they’ll try to pass a bill and tell us all some garbage like “If you don’t register all computer hardware with us, then terrorists could shut down the power”.
“This is complete bullshit. No cybercrime was responsible for the power being shut down”
Maybe, just maybe, you could try taking your head out of the sand once in a while.
There are bad people out there that want to do harm. Ignoring that fact won’t help you.
Re: Re:
They’re freedom-haters. They hate your freedom. Make sure you vote for Giuliani that’s all he talks about. How about 8 more years of this pandering, I haven’t had enough.
mkam
Re: Re: mkam LOL "freedom haters"
Indeed, LOL! That old chestnut, “they hate us because we’re free” is such a joke on both levels. We haven’t been free since the early 1900’s, and they hate us because WE F****** INVADE THEIR COUNTRIES all the time!
Yeah, I’d be planting IED’s if China occupied us for five years.
Re: Re:
There are bad people out there that want to do harm. Ignoring that fact won’t help you.
And a lot of them are in the government making up stories to divert attention away from themselves.
I’m in Minneapolis, MN, where it is -14F this morning. In this situation, I disagree that power outages are a “relatively minor” threat.
(That’s to say nothing about how worried I am about terrorist or other sources of attacks on the grid. If these systems are accessible to the Internet, this is a problem, because people rarely do security very well.)
Its not just the power grid thats a problem, think of all the systems, the healthcare systems, the traffic systems, air traffic control.
What happens when credit cards don’t work, ATM’s don’t work, banks can’t access accounts? What happens if the monitary system breaks down.
To say it is not an issue is just burying your head in the sand.
Gov't Phishing Expedition
Now, I don’t normally wear my tinfoil hat in public.. but this sounds more like another “opener” for the government to delve/data-mine their way even deeper up the collective citizenry’s ass than any kind of REAL threat.
As far as the hospitals, and other major infrastructure goes…the have (or freakin’ better have) their own back up generators on site (hospitals do for sure).
The monetary system was “broken down” many, many years ago… to think it isn’t is ostrich-like as well.
Re: Gov't Phishing Expedition
You are partly right. What this really is about is spreading fear, and the myth of cyber terrorism. The reason is simple: They want complete control of the information that passes over the net, and they want you to willingly give it to them.
They already monitor nearly 100% of it. Now they want to be able to control/filter/censor it in the name of national security. They want to end the free flow of information.
The CIA is just a foot soldier in a greater endgame. If you believe anything official coming out of the CIA, you are painfully ignorant of the history of this rogue organization.
This isn’t about fighting terrorism. It is about ending personal liberty.
And please, don’t buy into the “Get out the word” BS ala Alex Jones, JBS, [your conspiracy freak group here], etc. The powers that be don’t care who knows what their endgame is. They WANT you to know, because when you do nothing as they steal all your liberty and dignity, you will be doubly enslaved. That is, you will not only be a prisoner, but a willing one, too in awe of the power of your slavemasters to resist.
Study history. Think deeply. Free your mind. It may be the only free thing you have left.
Ahh! Ain’t ranting great?
Now, I don’t normally wear my tinfoil hat in public.. but this sounds more like another “opener” for the government to delve/data-mine their way even deeper up the collective citizenry’s ass than any kind of REAL threat.
Yeah, you know – I was a pretty rock solid republican up until late. Now, I think I see it more clear. It’s basically one political party with two ‘wings’. While they all drink their liquor, watch thier stocks rise sharply, play golf, rent hookers, bang interns… they sit and laugh at how they have duped the public.
For 9800 years – at least in human history it has been common knowledge that government is corrupt, yet for the last few years they have been able to convince people they are benign and only out for our own interests. I’m not so sure human nature and the lust for power have changed any over all those years, human nature is basically the same. Consider… what does it take mentally and emotionally for one to *want* to be in politics for years and years and make a career out of it. I’m sure a few are really there for the people, but I suspect it’s the minority.
Attacks on Natoheadquarter frankfurt + attack in U
Dear sirs,
There have been attacks on the electricity systems by a Russian flying ship, 300 meters long.-
They wanted to control europe or the world by blackouts and they were capturing all dates of electricity during their fatal attacks.
A native American named Edward Toothaker, drawn soldier in FFF HQ has been attacked on poth events.-
Me too.There were swines on board and they blackmailed me wether to be eaten by the swines or drink a whole bottle of Vodka.- Dr. Fink from Marburg Germany.
Please send a special unit of antiterroristic hegh classed special soldiers to overcome the local snakehead Klaus alias Uwe Paehr,3, steinweg 35037 Marburg.-Here is Local Bridgehead of easter mafia AND EASTERN SPY RING WITH 127 SECRET SERICES WORKING AGAINST ME. pLEASE HELP ME OUT , iNEED SOMME SURGERIES FOR MY SPINE.-
sEND 10. 000 AGENTS WELL PREPARED THEY GET EASILY THE SYNDICAT CONSISTING OF ABOUT ONE THOUSAND CRIMINALS OPERATING WORLD WIDE.
tHIS IS THE CENTRAL OF UNDERWORLD, WHERE AS bAMBERG IS THE SECRET CENTER OF dJIHAD, AS aNTENNE bAYERN SAID ON THE RADION. cHECK WASHINGTON pOST AND aFN eUROPE THEY KNOW MORE ABOUT ME AND MY FATE .-
“But, compared to other types of attacks, shutting off the power certainly seems relatively minor.”
If you were laying in an ICU on life-support I’d bet you would feel a blackout was a relatively major event.
Re: Re:
Because hospitals never have backup generators. And they defiantly don’t have any sort of manual backup for respirators.
Yeah, it sucks not having power. But it’s not essential. Humans got by for thousands of years without it. I think you can go for a few hours.
Re: Re:
If you were laying in an ICU on life-support I’d bet you would feel a blackout was a relatively major event.
Gee, maybe that’s why ICU’s have backup power. Any number of thing can disrupt the power grid, from squirrels to traffic accidents to storms to random equipment failure. Relying on the the power grid for life support would be a stupid thing to do.
I forsee that
Power companies will be applying for several billion dollars in Homeland Security grants to help upgrade and secure their networks. Because of the “severity” of the threat, this funding will be approved and the monies distributed to a handful of firms with close ties to the current administration.
Bend over taxpayers, you voted in a bunch of azzrapers, you’ve been getting it for 8 years, and just for jollies they’re gonna give it to you one more time on their way out.
Re: I forsee that
Yep, ‘cuz those benevolent Democrats are better than the thieving Republicans. Wake up, they are all crooks.
Backups
“Because hospitals never have backup generators. And they defiantly don’t have any sort of manual backup for respirators.”
A few hours is one thing but on-site generators typically don’t last indefinitely.
In the event of a prolonged attack, or coupled with other forms of attack it could be a very serious threat.
I think it is silly to dump some ridiculous sum at the issue – a few well-trained IT staffers who’s only focus is security would cut it. Unfortunately those of us in IT know that that is rarely the case; you either have a million other tasks to oversee or you’re grossly understaffed.
Re: Backups
A few hours is one thing but on-site generators typically don’t last indefinitely.
Nothing lasts forever. So what? They can certainly last long enough. They can refueled as needed and there are usually even redundant generators to allow maintenance to be performed wile maintaining power. They could go for years if they needed to.
I've seen this movie!
Don’t worry, I know how it ends. Bruce Willis and Justin Long save the day–only to be themselves saved by the timely arrival of Government agents in helicopters.
(there was lots of action)
Assume it was an attack...
Terrorists often execute small tests to learn about responses and respondent capabilities. What if this was just a test to learn more? Even cyber terrorists are human and learn something out of every exercise.
When the electric grid and other electric-driven public infrastructure go out AND STAY OUT then people will take it very seriously (and it will by then be too late to do anything).
IMHO The wisest course of action is to assume it was a real attack and deal with it accordingly.
Won't be fooled again.
This is utter rubbish. It’s a weak attempt at increasing the gov’s control and taxing authority by cashing in on more Y2K type hysteria. Sounds like the cyber-terrorism budget was about to be slashed – as it rightfully should be. If the CIA has to decide whether or not they can publicize an event, it never happened. It’s as simple as that. Please ball up your tin foil hats and go home.
hmm
“Sounds like the cyber-terrorism budget was about to be slashed”
In all honesty I could really see that.
I don’t know a lot about the inner workings of the CIA budget but I know a lot of other gov agencies in many places use that sort of thing keep the money coming in; haven’t spend 1/4 of this years budget – oh well better buy some new hardware or next year they’ll cut us by 1/4.
Cyber-terrorism not a serious enough threat – oh well did we forget to mention that there have been cases of power outs? Ya, that was a cyber attack. Can’t say when or where tho – national security and all.
Re: hmm
Hey, that goes for any organization… I used to work for a nonprofit that purposefully mangled some of its landscape to convince the city that they needed more money to fix things up.
And I wouldn’t believe for a minute that there was one organization, regardless of affiliation, that wouldn’t do that if the leaders thought it might work.
HoW?
can u say S.N.M.P. ?
UNSECURED
v1 OR v2 with Hp default OpenView Password
yup stupid
but some where also just *mistakes* as well
the report came from the agency with the WMD reports
its much better now
heightened awareness
i work with some network aspects within utilities;
there just wasn’t the awareness that the Utilities have oday
also some of those smaller operators should have been
regulated tightly; some employees were their own worst enemy
Re: HoW?
sorry for spelling mistakes – its late
i lived thru the big one in the east
I recall the actual Ontario Hydro Incident Report
as a Vendor with access to the NOC;
there were many fingers pointing and it came
down to poor management of the control system;
human error
dont be so quick to blame cyber-terrorism
but dont discount that possibility either
again
three letter agency gave us the false-positive
on WMD’s in Iraq so….
America
Land of the paranoid and lawyers.
coincidence?
This “information” comes at the same time the feds want permission to monitor ALL internet activity? Anyone else smell a rat? This is a good way to sway public support for their plans to monitor us all…
Re: coincidence?
They probably already are monitoring all internet activity. Basically, anything that’s unencrypted is like sending a postcard. It’s public and in plain view.
If you really care about your privacy, you should encrypt all your communications. Last I checked, almost every website supports SSL and encrypted email is trivial with most mail clients.
CIA Claims Cyberattacks At Fault In Blackouts
Reischtag: Gulf of Tonkin, Sadam had weapons of mass destruction…911?
Remember? US govt wants to make ANY excuse to turn
technology against US citizens. Headline should read
US trying to scare citizens into giving up more
contitutional rights again. And I totally agree with #1.
propoganda
they’re just using this as ammo for their “we need to read all internet traffic” bill.
You really have no clue. You think its just the power grid at risk? No power, no water, no gas, no oil, no access to money, then what.
Its not just the power, what happens when the diagnostics in a hospital don’t work? What happens when stores can’t make transactions. What happens when Wall Street is shut down.
Did you know that the trading system that the NASDAQ uses resides on computers owned by a foreign company? Yeah, go stick your head in the sand and believe that you are safe. Thank god there are people out there trying to do something about it.
Re: Re:
Thank god there are people out there trying to do something about it.
I wonder if we’ve got a military communications officer (i.e. propaganda troll) with us.
And what happens when the public degenerates into a mass too fucking stupid to see what’s actually happening? Can you imagine that? Imagine, all scientific and social progress is halted because everyone’s too scared of the “evil ones”. Imagine, chemistry is made illegal because it is “too dangerous”. All mail must be read because it might support terrorism. The fourth and fifth amendments disappear in order to “keep you safe”. (I’ll explain this because you’re probably too stupid to actually know what those are. The fourth amendment is the protection from unlawful searches and seizures. The fifth amendment states that no man shall be required to bear witness against himself.)
Now, if you’re done with your fear mongering, I’d like to make sure that I actually have some freedom left at the end of the day.
Did they...
Did they release that information after watching Die Hard 4?
They’d better fix it quick cause Bruce is getting too old to save us.
Somewhere in the middle...
The truth is nearly always found somewhere between the extremes. Trouble is, no one believes their point of view is extreme. Unfortunately most conspiracy theories, in addition to containing a disappointing lack of evidence, invariably employ circular logic: “there’s no evidence of the conspiracy because it’s a conspiracy.” So, we are to take on faith what we cannot see, trusting that we are being deceived. Ironically, this is the same position most conspiracy theorists charge the power establishment with taking: “a terrorist conspiracy is working against us, but of course you can’t see it, because it’s a conspiracy.”
O’Grady, well, not to get technical or anything, but there are in fact over 3,000 dead bodies that are pretty much proof that there is a terrorist conspiracy against the US.
London has proof via dead bodies in a train station.
Spain has proof via dead bodies on a train.
Re: Re:
Those proofs show that there is a terrorist conspiracy against London and Spain. Don’t know how train bombings in other parts of the world prove the US is in trouble. But 9/11 would have been a good example. Since then…
Chuck, I figured since the article talked about power outages in other countries, terrorist attacks in other countries would be comparable, especially when considering they are carried out by the same organization.
where are the good journalists in this equation
What I find most intriguing about the CIA power grid conspiracy lies in the dichotomy of opinions. We have the news agencies reporting the event without any critical commentary on whether or not it is “a conspiracy” while the technical blogs that I have visited all place emphasis on the unlikelihood that the cyberattacks are valid.
One would have thought that there would be something or someone out there (journalist) who simply searched through newspaper databases in multiple languages to see where power outages affecting multiple cities had occurred on a single grid.
If anyone can point me to a single story or blog which has actually attempted to verify either side of the coin I would be most appreciative.