SANS NewsBites Vol. 11 Num. 28 (4/10/2009)
US Power Grid Infiltrated (April 8 & 9, 2009)
US national security officials said that the computer networks of the country's electrical grid and other utilities have been infiltrated and seeded with tools that could potentially be used to disrupt communications, electricity, and other elements of the country's critical infrastructure. As yet, there have been no attempts made to use the software to cause damage. Most of the intrusions were not detected by the companies responsible for the systems, but by US intelligence. In light of this report, cyber security experts have begun urging the Federal Energy Regulatory Commission (FERC), the Nuclear Regulatory Commission (NRC) and the Energy Department to push for legislation that would grant them more oversight and authority to manage grid (cyber) security. Earlier this week, before reports of the intrusions, the North American Electric Reliability Corporation (NERC) recommended that energy companies look closely at how they identify critical assets and critical cyber assets. A link to NERC Vice President and Chief Security Officer Michael Assante's letter regarding a compliance survey on critical cyber asset identification can be found below.
http://online.wsj.com/article/SB123914805204099085.html
http://fcw.com/Articles/2009/04/08/FERC-needs-to-step-up-oversight-to-safeguard-grid.aspx
http://www.nextgov.com/nextgov/ng_20090408_1423.php
http://www.washingtonpost.com/wp-dyn/content/article/2009/04/08/AR2009040803904_pf.html
http://www.cnn.com/2009/TECH/04/08/grid.threat/index.html
Q&A About Grid Intrusions:
http://lastwatchdog.com/chinese-russian-cyberspies-lurk-us-electrical-grid/
Assante Letter:
http://online.wsj.com/public/resources/documents/CIP-002-Identification-Letter-040609.pdf
[Editor's Note (Schultz): Over the years there have been many indications that security within electrical companies is deficient. The recent discovery of widespread malware ostensibly installed by agents of foreign countries should leave no doubt that this problem exists and that is is extremely serious given the critical role of the energy sector in the US critical infrastructure. I am thus appaled that all NERC is doing is recommending "that energy companies look closely at how they identify critical assets and critical cyber assets."
Recommendations in this arena abound, but they have been largely ignored. Mandates are now clearly necessary.]
No comments:
Post a Comment