Information Security News mailing list archives
Ex-Employee Fingered in Texas Power Company Hack
From: InfoSec News <alerts () infosecnews org>
Date: Mon, 1 Jun 2009 03:05:25 -0500 (CDT)
http://www.wired.com/threatlevel/2009/05/efh/ By Kevin Poulsen Threat Level Wired.com May 29, 2009 The FBI is investigating a computer intrusion at a large Texas power company that crippled the firm’s energy forecast system for a day in March, costing it over $26,000. Early Thursday morning FBI agents raided the home of a former employee of Dallas-based Energy Future Holdings — the corporate parent of three large Texas electric companies, including Luminent, which has over 18,300 megawatts of generation in Texas, and operates the Comanche Peak nuclear power plant. The ex-employee, Dong Chul Shin, was fired from the company March 3 for performance reasons, and escorted off the premises, according to court records. But the company failed to immediately shut off his VPN access. That afternoon, someone using Shin’s account began logging onto the corporate network, e-mailing out proprietary data to a personal Yahoo account linked to Shin, and modifying and deleting files, according to a search warrant affidavit by Dallas FBI agent Robert Smith. comanche-peak1 Company logs showed that the VPN connection originated at Shin’s home IP address, Smith writes. While logged into the VPN, the intruder sent an e-mail to the engineering group operating the Comanche Peak nuclear reactor. The message asked questions about the safety of the reactor, in particular wondering what would happen if the load were to be “increased to 99.7 percent of capacity.” While at EFH, Smith notes, “Shin was responsible for programming the models which controlled the management of EFH power generation facilities, including Comanche Peak.” [...]
_____________________________________________ Visit the InfoSec News security bookstore! http://www.shopinfosecnews.org
Current thread:
- Ex-Employee Fingered in Texas Power Company Hack InfoSec News (Jun 01)