Monday, November 9, 2009

Cyberwar: Power Grid, network attacks and supply chain

60 Minutes has an interesting video segment on cyberwarfare, particularly a focus on the electrical power grid and some discussion of network compromises at CENTCOM and supply chain vulnerabilities:  The report is based predominantly on an interview with Booz Allen Hamilton's Mike McConnell, who was until recently the DNI. (Director of National Intelligence).

You can read the text of the article here

Most interesting was the discussion of actual attacks. Particularly the attacks against Brazil that brought down their power grid for a while and the compromise of CENTCOM.

Another article came out today about the process of securing the supply chain

You can see the agenda of recently concluded 2009 session of the US working group trying to address the power grid/SCADA vulnerabilities online:  A number of people I know were participating or presenting there... the problem is being looked at, but is also far from solved.

The Aurora story and mentioned video can be seen at CNN among other places.

The "senior government intelligence official" that 60 minutes refers to is presumably Tom Donahue (CIA) and his comments presented at a SANS conference.

Update: Interesting response to the 60 minutes story (and the Tom Donahue one) where the author's believe it's all rumors, not true, and government motivated power grab. I don't buy the Errata rebuttal (he claims HE could easily bring down the power grid, but obviously all these other times must be false examples) but good reminder that rumors, even told 6+ times are still rumors.