informa
/
Risk
News

U.S. Electrical Grid Breached By Cyber Spies

The intrusions were detected by U.S. intelligence agencies. In November, a congressional advisory committee warned that Chinese cyberattacks were increasing.
And the list goes on. Late last month, Canadian researchers published a report documenting an international spying operation, dubbed "GhostNet," that had stolen documents from hundreds of governments and organizations, including the office of the Dalai Lama.

As always, the Chinese government denied any involvement, stating that it opposes and forbids cybercrime. Curiously, accusations of U.S. involvement in cyberespionage are rare, at least in the U.S. press.

A report released last month by the Task Force on National Security in the Information Age found that the United States is still vulnerable to attack because government agencies and other organizations haven't yet learned how to share information effectively.

On Feb. 9, President Obama said that former Booz Allen consultant Melissa Hathaway would conduct an immediate 60-day review of the government's cybersecurity. That report is due next week.

The unnamed sources quoted in The Wall Street Journal report may be motivated in part by a desire to see greater cybersecurity funding, which could affect their government agency. Highlighting the weakness of U.S. cybersecurity just prior to the release of Hathaway's review might well do that.

However, Paller believes people who see a plot here to get more money are wrong. "The timing is, I believe, that the attacks are so vicious and the damage is increasing (or being recognized) at a high rate and someone inside got frustrated and told [the Journal]," he said in an e-mail.

Despite this, some security researchers appear not to be too worried. "[F]or those of us in the security space, this should be nothing too terribly alarming," observed security researcher Joel Esler on the SANS Internet Storm Center blog.

Another day, another breach.


Attend a Webcast on why bad security breaches keep happening to good organizations. It happens April 15. Find out more and register.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5