US power grid hacked by cyber-spies

Cyper-spies from China, Russia and elsewhere have gained access to the US electrical grid and have installed malware tools designed to shut down service, according to a news report.

So far, the attackers have not used their access to damage the electrical grid, but the cyber-espionage appears "pervasive," said a Wall Street Journal article that quoted anonymous national security officials. US officials worry that the spies could use their access to attempt to shut down the grid or take control of power plants during a time of crisis or war, the story said.

Many of the intrusions weren't discovered by electric utilities but by US intelligence agencies, the story said.

The cyber-spies have left behind "software tools" that could be used to destroy components of the grid, the Journal quoted one official as saying. "If we go to war with them, they will try to turn them on," one official told the Journal.

US lawmakers and some security experts have raised concerns for several years about the security of the power grid and other control systems. In a congressional hearing in March, Joseph Weiss, managing partner of control systems security consultancy Applied Control Solutions, said networks controlling US industrial control systems have been breached more than 125 times in the past decade, with one resulting in US deaths.

It could take the US weeks to replace damaged equipment after co-ordinated attacks on infrastructure using control systems, Weiss said then. A coordinated attack "could be devastating to the US economy and security," he said. "We're talking months to recover. We're not talking days."

Other security experts have raised concerns that the electrical grid could become more vulnerable as it moves to a two-way smart grid, potentially using the Internet for transmission. Congress provided $4.5 billion (£3.2 billion) for smart-grid deployment in an economic stimulus package passed earlier this year.

IOActive, a Seattle security consultancy, has spent the past year testing smart-grid devices for security vulnerabilities and discovered a number of flaws that could allow hackers to access the network and cut power, the company said in March.

"We're taking about extending access down into the homes over a combination of wireless networks, home-area networks," added Brian Ahern, president and CEO of Industrial Defender, a control systems security vendor.

"When you think about our existing infrastructure today - power plants, transmission distribution systems - they all have their own security problems. That's what we're all working diligently on right now - making sure that our existing infrastructure is secure."

Ahern, speaking before the Journal report came out, expressed concerns about the electrical grid. "One of the challenges that we have today in this country is that you've got all this critical infrastructure that has been deployed over the last 20 years, and no one was even thinking about security," he said.