Image: Worldwide SCADA port locations
Report: China, Russia Top Sources of Power Grid Probes
related: America’s Unprotected Back Door: the New Terrorist Threat
U.S. Electrical Grid in Penetrated by Russian and Chinese Spies
Have Embedded Code in Power Grid
Hackers Have Attacked Foreign Utilities, CIA Analyst Says
US Video Shows Hacker Hit on Power Grid
When the Power Grid Shuts Down – Why You Should Care to Prepare for Disasters Emergencies
CIA Launches Hunt for International Computer Hackers Threatening to Hold Cities Ransom By Shutting Off Power
Blackout 2003 Revisited
Blackouts: The Power Grid Is Too Sensitive for Its Own Good
Power Grid Raise Concerns Raised About Power Reliability
5 Years After Blackout, Power Grid Still in 'Dire Straits'
|
HOLLY NOTE: This is as serious as it gets: know how to use a home generator safely and properly store fuel; water storage and purification knowledge essential |
April 14, 2009
Frian Krebs
Washington Post
Last week, blogs and the mainstream press alike were abuzz with reports that Chinese and Russian hackers had penetrated the U.S. power grid and left behind secret back doors. The original story, a piece in the Wall Street Journal, was light on details, and many readers have asked me if I uncovered additional nuggets of knowledge about the existence of these back doors. I have not.
But I have discovered some interesting data published recently, which seems to support the notion that China and Russia are quite interested in locating digital control systems connected to our nation's power grid and other complex critical infrastructures.
The data comes from a white paper released late last month by Team Cymru, a group of researchers who try to discover who is behind Internet crime and why. That document sought to provide empirical evidence to show which nations were most active in probing our networks for the presence of highly specialized systems designed to control large, complex systems.
These so-called "supervisory control and data acquisition" (SCADA) systems help engineers monitor, communicate with, and control equipment used for energy generation and distribution (SCADA systems also help manage other complex systems, such as water networks, transportation switching systems, etc.).
Image: Worldwide SCADA port locations
Most of these SCADA systems communicate over proprietary communications protocols that were never designed with security in mind. To make matters worse, Cymru notes, "many of these older communications methods (fiber, radio transmission, dedicated modem, satellite, microwave, PSTN, cellular, wireless, powerline carrier) are increasingly being replaced by the public Internet," which provides considerable cost savings.
The report continues: "The communication protocols and implementation details of the various proprietary SCADA protocols are generally not available to researchers, and a wide variety of ports and methods are used amongst the various vendors. This does not significantly hinder the miscreants, who will simply scan for wide ranges of well-known SCADA-related ports, and tailor their attacks to the results they find."
read full article: http://voices.washingtonpost.com/securityfix/2009/04/report_china_russia_top_source.html?hpid=sec-tech