U.S. energy network seen vulnerable to hackers

[InfoSec News <isn () c4i org>]

http://www.alertnet.org/thenews/newsdesk/N05213868

06 Mar 2003
 
HOUSTON, March 5 (Reuters) - The U.S. energy network could be
vulnerable to a hacker attack through its interlinked computer
systems, causing heavy damage to the already weak economy, government
and industry experts said on Wednesday.

"The whole energy system is being run on a cyber system," Abbie Layne,
project manager at the Department of Energy's National Energy
Technology Laboratory, told an electricity industry conference in
Houston.

"You can do a lot of damage just through a quick strong strike to that
cyber system," she said.

A successful attack on computer networks that support the electricity
system could have devastating economic impact if a "cascading"  
shutdown hobbled the grid of power lines, possibly shutting off the
lights in a region.

"If we lose this infrastructure...we could have a lot of damage to our
economy," Layne said.

Energy industry experts believe that while a threat to oil tankers,
pipelines or power plants remains a frightening prospect, there is no
evidence those sites have been targeted.

"To this point, there have been no specific threats to the industry,"  
Gary Gardner, chief information officer at the American Gas
Association, told the conference.

Although manuals describing methods to attack natural gas systems were
discovered by U.S. forces during raids on suspected Taliban and al
Qaeda bases in Afghanistan, Gardner said the industry did not believe
a violent attack against an energy installation was the most likely
scenario.

HOMELAND SECURITY

Security for power plants, oil refineries and the vast network of
natural gas and oil pipelines comes under the jurisdiction of a former
Department of Energy unit that was recently moved to the newly created
Department of Homeland Security.

Another Homeland Security division handles "cyber," or computer
network, security, but that unit remains without a leader despite an
extensive search, according to Harris Miller, a security expert and
president of the industry umbrella group Information Technology
Association of America.

"There is nobody in the Department of Homeland Security in charge of
cyber-security," Miller said. "It's a little scary."

The energy sector does have some safeguards to prevent interlopers
from gaining access to sensitive systems, Miller said, but it probably
falls "in the middle of the pack" compared with other industries.

Still, even the financial industry, which boasts the most secure
networks, can be hit by hacker attacks, Miller said.

In January, the "slammer worm" virus infiltrated financial companies'
computers systems despite widely available preventive software, and
last month hackers accessed about 8 million credit card numbers from a
processing company.
 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.