GCN Tech Blog

By GCN Staff

Blog archive

Control systems open to attack

Hot on the heels of Jerry Dixon's warnings of inadequately secured control systems, a spokesperson from the Central Intelligence Agency disclosed that extortionists have threatened to disrupt power-generating equipment in other unnamed countries, by means of computer-based infiltration. And in one case, they may have actually done so.

"We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet," said CIA senior analyst Tom Donahue at the SANS security summit for Supervisory Control and Data Acquisition systems.

One of the reoccurring themes we heard repeatedly at the SANS Security 2008 summit this week in New Orleans is how pitiful the security is on the control systems used to run the country's power stations, water systems, transit systems and other basic infrastructure. In many cases, these systems just weren't designed to be operated on a network, and their defenses would make the average desktop computer look like Fort Knox.

Posted by Joab Jackson on Jan 19, 2008 at 9:39 AM


inside gcn

  • A framework for secure software

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities