[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] LAT 8.07.02 Hacker haben Energieversorger im Visier

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] LAT 8.07.02 Hacker haben Energieversorger im Visier
From: Olivier Minkwitz <minkwitz -! - hsfk - de>
Date: Tue, 09 Jul 2002 16:25:50 +0200
Reply-to: infowar - de -! - infopeace - de
Sender: bendrath -! - zedat - fu-berlin - de
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

in letzter Zeit häufen sich diese Panikartikel auch in den besseren
US-amerikanischen Zeitungen....Woran das wohl liegt?
-Olivier Minkwitz

Los Angeles Times
July 8, 2002
Pg. 1

Hackers Target Energy Industry

Computers: Attacks at power companies are up substantially. Some experts
cite terrorism; others blame industrial spying and mischief.

By Charles Piller, Times Staff Writer

SAN FRANCISCO -- Power and energy companies are fast becoming a primary
target of computer hackers who have managed to penetrate energy control
networks as well as administrative systems, according to government
cyber-terrorism officials and private security experts.

Experts cite a number of potential sources for the post-Sept. 11
increase in hacker attacks, including industrial espionage and malicious
mischief, but Ronald Dick, director of the FBI's cybercrime division,
said he is concerned that the nation's power grid now may be moving into
the cross-hairs of cyber-terrorists.

"The event that I fear most is a physical attack in conjunction with the
success of a cyber attack on an infrastructure such as electric power or
911," the emergency telephone system, Dick said.

The raft of recent attacks has been confirmed by private computer
security companies.

Riptech Inc., an Alexandria, Va., security firm, said that since
January, 14 of its 20 energy-industry clients have suffered severe cyber
attacks that would have disrupted company networks if they had not been
detected immediately. The number of attacks is up 77% since last year.

Power and energy companies experienced an average of 1,280 significant
attacks each in the last six months?far more than companies in any other
industry sector?according to Riptech's semiannual client analysis.

"Unequivocally, these nets are vulnerable to cyber attack, and,
unequivocally, one outcome could be disruption of power supplies," said
Tim Belcher, Riptech's chief technology officer.

Last year's power crisis in California, the Enron Corp. scandal and the
declaration of bankruptcy by Pacific Gas & Electric Co. have revealed an
industry that is fragile, high- profile and wracked with confusion and
administrative chaos. Experts suspect that the glare of adverse
publicity has drawn the attention of not just joyriding hackers, but
also corporate saboteurs and terrorists.

More than 70% of the attacks came from North America and Europe,
suggesting that traditional hackers are now turning to a fresh and
vulnerable victim. The second-most popular hacking target among Riptech
clients was financial service companies, a longtime hacker favorite.
Riptech, which serves Fortune 500 corporations, smaller companies and
government agencies, was founded by former top Defense Department
officials to provide computer security.

A geographical analysis of Riptech data also shows that a small number
of attacks?1,260 out of a total of more than 180,000?originated in
countries where terrorists groups are known to be concentrated. Hackers
in those countries targeted power and energy companies more consistently
and aggressively than any other industry. The most active attacks
originated from Kuwait, Egypt and Pakistan?countries that have
relatively developed computer networks and a growing pool of experienced
hackers.

Energy power systems have ironically become a choice target because of
efforts to modernize them for greater efficiency. The weak link?a group
of remote control devices known as Supervisory Control and Data
Acquisition systems?"have been designed with little or no attention to
security," according to a recent report by the National Research
Council, an arm of the National Academy of Sciences.

The systems, which are used to control the flow of oil and water through
pipelines, and monitor power grids, were once impervious to hackers
because they were completely isolated from other computer systems.

Today many such systems are connected to the Internet, and therefore
vulnerable to hacking. The FBI also blames a rapid increase in hacking
attacks in recent years on the proliferation of hacking software posted
online. Such tools require little computer expertise, are readily
available worldwide and are becoming increasingly simple to use. Some
are directly applicable to electrical power systems.

"One of the places [hackers] are certainly attacking are those known
vulnerabilities," Dick said. "The rise in the number of incidents
reflects of the ease with which these tools are utilized."

Surreptitious hacking tests conducted by special Defense Department
information warfare squads known as "red teams" in 1997 found power grid
control systems susceptible to attacks; recent, similar vulnerability
testing by Riptech for its own clients resulted in network penetrations
virtually 100% of the time, Belcher said.

"Two years ago, there were people who didn't have a clue?who said, 'Why
would somebody want to attack us?' That is not the case today," said
Will Evans, vice president of People's Energy, a diversified power
company in Chicago.

"The problem is not today, but tomorrow," he said. "Whatever you've got
today someone may discover and exploit against that tomorrow.... You
need to finance a very active cyber-security program."

Evans, consistent with the policy of nearly all energy companies,
declined to comment on specific attacks against his company.

Even using advanced computer forensic methods, law enforcement officials
cannot identify the individual hackers behind the barrage of attacks on
power companies.

The Washington Post reported last month that some government officials
suspect the Al Qaeda terrorist network of plotting cyber-terrorist
actions against power stations and emergency services in the San
Francisco Bay Area.

Riptech's Belcher, a former cyber-security consultant for the Defense
Department, is skeptical of such claims, saying that the ability to wage
effective information warfare is many levels beyond the ability to
merely penetrate a network.

"I see no evidence that there are expert cyber-terrorists today," he
said.

Although a concentration of attacks come from countries identified with
terrorist groups, he cautioned that many such countries are major energy
producers?suggesting that the hacks may be the product of more mundane
industrial espionage, rather than terrorism. Similarly, Hong Kong?a key
financial center?is a hotbed for cyber attacks on the financial services
industry, he said.

But some experts believe that some of the attacks may be a kind of
training exercise for terrorists. Al Qaeda worked for three years on the
Sept. 11 attacks, according to U.S. intelligence agencies, and may be
making a similar investment in cyber-terrorism.

"The terrorists out there are well-educated and determined to get the
training and knowledge to carry this out, and they are very patient,"
Dick said.

A number of terrorist organizations have developed rudimentary technical
skills. For example, in 1997, the Tamil Tigers, a Sri Lankan rebel army
known for terrorist bombings and assassinations, hacked into and shut
down the servers of Sri Lanka's embassies in Seoul and Washington.

"Why haven't they done more of it? My main hypothesis is that they
didn't need to because their conventional weapons?the gun and the
bomb?were adequate," said Bruce Hoffman, a terrorism expert with the
Rand Corp.

But the new war on terrorism has hampered terrorists' ability to operate
elaborate base camps, and has dramatically tightened security for
physical infrastructure?from airports to power plants to government
buildings.

Cyber-warfare may represent a safer, more effective alternative.

"You don't need training camps or a robust logistical and intelligence
support structure," said Hoffman, "just a modem and a safe house....
This is the ultimate anonymous attack."


--
Olivier Minkwitz___________________________________
Dipl. Pol.
HSFK Hessische Stiftung für Friedens- und Konfliktforschung
PRIF Peace Research Institute Frankfurt
Leimenrode 29 60322 Frankfurt a/M Germany
Tel +49 (0)69 9591 0422  Fax +49 (0)69 5584 81
Mobil   0172  3196 006
http://www.hsfk.de                            pgpKey:0xAD48A592
minkwitz -!
- hsfk -
 de___________________________________



---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.
Prev by Date: [infowar.de] Neue Verfahren bieten mehr Schutz vor Angriffen auf den PC
Next by Date: [infowar.de] MH 3.07.02 Hacker Energieversorger /Air Control crying wolf
Previous by thread: [infowar.de] Neue Verfahren bieten mehr Schutz vor Angriffen auf den PC
Next by thread: [infowar.de] MH 3.07.02 Hacker Energieversorger /Air Control crying wolf
Index(es):
- Date
- Thread