A CIA analyst has disclosed that Internet hackers have attacked the computer systems of utility companies outside the U.S. and in at least one case caused a power outage in several cities.
“We do not know who executed these attacks or why, but all involved intrusions through the Internet,�? Tom Donahue, the CIA’s top cybersecurity analyst, told a gathering of security officials from utility and energy companies in New Orleans.
“We suspect, but cannot confirm, that some of the attackers had the benefit of inside knowledge.�?
He did not provide details about the attacks, but did say the hackers made demands for money.
Over the last decade in the U.S., electric utilities, pipelines, railroads, and oil companies have employed remotely controlled and monitored valves and other mechanisms that rely on wireless Internet connections linking them to central offices, the Washington Post reported.
That has made them vulnerable to sabotage or shutdown by Internet intruders seeking to perpetrate cyber extortion. Online gambling sites, e-commerce banks and other entities sometimes meet the hackers’ demands for money to prevent being shut down, according to Alan Paller, research director at the SANS Institute, the cybersecurity group that sponsored the gathering.
Ralph Logan, who heads the Logan Group, a cybersecurity firm, told the Post that over the past 18 months there has been a sharp increase in “attacks on our national infrastructure networks.�?
The attacks have been coming from outside the U.S., he said, but he believes they were launched from computers belonging to foreign governments or militaries, and not terrorist organizations.