“The severity of what we’re seeing is off the charts,” said Tom Kellermann, vice president of security awareness for Core Security Technologies and a member of the Commission on Cyber Security that is advising President Barack Obama.
“Most of the critical infrastructure in the US has been penetrated to the root by state actors.”
SAN JOSE, California – Spies hacked into the US electric grid and left behind computer programmes that would let them disrupt service, exposing potentially catastrophic vulnerabilities in key pieces of national infrastructure, The Associated Press has learned.
The intrusions were discovered after electric companies gave the government permission to audit their systems, a former US government official told the AP. The ex-official was not authorised to discuss the matter and spoke on condition of anonymity.
The inspections of the electric grid were triggered by fears over a March 2007 video from the Idaho National Laboratory, which had staged a demonstration of what damage hackers could do if they seized control of a crucial part of the electric grid. The video showed a power turbine spinning out of control until it became a smoking hulk and shut down.
Although the resulting audits turned up evidence of spying, the former official told the AP that the extent of the problem is unknown, because the government does not have blanket authority to examine other electric systems.
“The vulnerability may be bigger than we think,” the official said, adding that the level of sophistication necessary to pull off such intrusions is so high that it is “almost without a doubt” done by state sponsors.
The Wall Street Journal, which reported the intrusions earlier, said officials believe the spies have not yet sought to damage the nation’s electric grid, but that they likely would try in a war or another crisis.