Worry: Hackers can take over power plants

Published 5 August 2010

In many cases, operating systems at power plants and other critical infrastructure are decades old; sometimes they are not completely separated from other computer networks used by companies to run administrative systems or even access the Internet. Those links between the administrative networks and the control systems provide gateways for hackers to insert malicious code, viruses, or worms into the programs that operate the plants.

Hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems, the Energy Department warned in a July 2010 report. The Energy Department report is based on the findings of twenty-four assessments of computer-control systems performed between 2003 and 2009. It was completed in May and released 22 July on the Energy Department’s Web site.

Siobhan Gorman writes that the report reinforces concerns that intelligence officials have raised in recent years about growing surveillance of the electric grid by Chinese and Russian cyber-spies, which the Wall Street Journal reported last year. One worry is that a foreign country could shut down power in parts of the United States.

Cyber criminals have long tried, at times successfully, to break into vital networks and power systems. Last month, however, experts for the first time discovered a malicious computer code — called a worm — specifically created to take over systems that control the inner workings of industrial plants (see “Malicious virus targets SCADA systems,” 20 July 2010 HSNW; and “Siemens: Removing SCADA trojan may disrupt power plants,” 26 July 2010 HSNW).

Yahoo! News reports that in response to the growing threat, DHS has begun building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.

As much as 85 percent of the U.S. critical infrastructure is owned and operated by private companies, ranging from nuclear and electric power plants to transportation and manufacturing systems. Many of the new attacks have occurred overseas, but the latest episode magnified worries about the security of plants in the United States.

“This type of malicious code and others we’ve seen recently are actually attacking the physical components, the devices that open doors, close doors, build cars and open gates,” said Sean McGurk, director of control systems security for DHS. “They’re not just going after the ones and zeros (of a computer code), they’re going after the devices that actually produce or conduct physical processes.”

Officials have yet to point to any operating system that has been compromised by the latest computer worm, but cyber experts are concerned that attacks on industrial systems are evolving.

In the past, it was not unusual to see hackers infiltrate corporate networks, breaking in through gaps and stealing or manipulating data. The intrusions, at times, could trigger plant shutdowns.