Spies Penetrate U.S. Electricity Grid

National security officials have announced the U.S. electricity grid was recently compromised by foreign hackers.  Current and former national security officials stated the spies left behind software that could be used to disrupt the electric grid in the United States. 

Security analyst’s said the attacks stem from Russia and China, both are trying to map our power grid infrastructure and its inner-workings.  Government officials stress no immediate threat can be seen. 

The software the hackers left behind were meant to be stealthy and hidden, ready to be turned on for malicious reasons in time of attack, but was luckily found by U.S. Intelligence and Security agencies. 

The Kansas City Star is reporting that In 1997, Kansas City Power & Light saw about 10,000 such “events” each month. Now it’s 10 to 20 every second.

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Officials said water, sewage and other infrastructure systems also were at risk.

“Over the past several years, we have seen cyberattacks against critical infrastructures abroad, and many of our own infrastructures are as vulnerable as their foreign counterparts,” Director of National Intelligence Dennis Blair recently told lawmakers. “A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure.”

A senior Pentagon official said Tuesday the Pentagon has spent $100 million in the past six months repairing cyber damage.

Security experts from the U.S. government have stated the attacks are so sophisticated, they are likely perpetrated by China and Russia. 

Conficker, Ghost spy network, PowerPoint attacks and now the U.S. electricity grid.  Are these breaches overblown media stories meant to instill fear and pump sales of security software?  It seems like there are more and more stories about the latest worm or breach of security of epic proportions.

I believe there is definitely a risk of any box that is connected to the Internet, no matter how many software or hardware defenses you have on it.  Nothing is perfect, no security unreachable.  If we have learned anything from Kevin Mitnick, it’s that the hardware is not the weakest link.  The weakest link of any network is almost always the users who manage it orhave access to it.  Social engineering is a real threat and the only defense against it is training every single person who has access to your secured network.  I wish more details were available on how these networks were penetrated, but we will likely never know. 

Even with all the training in the world, no one is perfect.  All the security in the world, none of which is perfect.  Therefore, any network is not 100% secure.