Last night Steve Kroft of 60 Minutes looked into how computers and the Internet can be used as weapons, a topic we have covered here for nearly two years. It was a very good piece.
The 60 Minutes online and on-air coverage discussed multiple events (cyber attacks) including one event in three cities north of Rio de Janeiro that occurred back in January 2005. They reported that in these events, hackers were able to penetrate the control systems and manipulated those controls for the power grid.
During the pieces Steve Kroft interviewed former Director of National Intelligence Mike McConnell who said that he believes it could happen in America. He went on to say that “If I were an attacker and wanted to do strategic damage to the United States, I would probably sack electric power on the U.S. East Coast, maybe the West Coast and attempt to cause a cascading effect.”
McConnell is not the only one with this opinion. Democratic Congressman Jim Langevin of Rhode Island who chaired a subcommittee on cyber security agrees and said that U.S. power companies need to be forced to deal with the issue after they told Congress they would take steps to defend their operations but did not follow up.
Much of the rest of what 60 Minutes said was a rehash of what has already been published.
Examples:
- September 15th, 2008 in the posting “Where were you when the lights went out?”
- November 17th, 2008 in the posting “Legal Risks of Cyber Outage”
So what was missing from the 60 Minutes piece? This year I referenced in several briefings and during my lecture at Harvard a study by the European Parliament — Directorate General for External Policies that was titled “Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks.” On page 14 of that study in the third paragraph it states the following.
“In 2001, following a dispute over damage to US and Chinese aircraft in the South China Sea, both countries suffered a series of cyber attacks, and at one stage California’s electricity grid was almost shut down.”
I wonder if Congressman Langevin knows about that!
Background: Referenced Event: The aircraft incident occurred April 1st, 2001 when a U.S. Navy EP-3 surveillance plane was involved in a midair collision with fighter aircraft from China. The U.S. reconnaissance aircraft was on a routine surveillance mission and stated they were over international waters. As you may recall tensions between the United States and China became very strained. China disputed the location and said they were in their airspace. The U.S. Navy said their aircraft had significant damage and required an emergency landing be made at a Chinese military airfield on the island of Hainan, China.
Add the 60 Minutes reporting together with the EU study and the April 8th, 2009 WSJ story that stated “Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials” that was pointed out back on September 21st in the DefenseTech –Cyber Warfare blog posting.
There’s Concern, but Where’s the Action? What has to happen to get the military, the private sector and the government to work together and protect the United States from this growing threat?
{ 21 comments… read them below or add one }
From the article: "What has to happen to get the military, the private sector and the government to work together and protect the United States from this growing threat?"
What threat?
Lets go through the snake oil marketing checklist:
1)conflation of 14 yro hackers with a nuclear attack – check
2)but link everything to China by innuendo and unsubstantiated claims because 1) is ludicrous – check
3)big note Kevin’s latest meetings with whatever bureaucrats he can buy lunch for last week – check
4)Mention “threat” and “must” and “critical” at least 5 times just in case NLP works – check
5)Make vague references to cyber attacks which would have been really big if only they had actually happened – make sure not to mention any details so that they cant be confirmed – check
6)Reference a document that Kevin obviously hasn’t had time to read but actually recommends the exact opposite of what Kevin is pushing for – check
7)Remind the guys at work that they don’t have a future unless they help out with some shilling.
Wouldn’t it be just so much easier if you pointed to a single loss of life from a single cyber attack Kevin ? This is supposed to be a defense site after all, you know war as opposed to the latest in dreary MLM techniques.
What's funny is how much people like you, zandor, and bomb seem to disagree with/ hate everything that gets posted here, yet you keep coming back.
Wouldn’t it be just so much easier if you found another Website that's more to your liking?
LOL@Trolls
It’s the quality of the fan-boys that keeps us coming back.
Just last week I was saying to Zandor that “this is nothing like a Miley Cyrus concert, these people have gravitas!”
He though I as saying they were all lard asses living in their mums basement until I explained gravitas to him.
Thanks for posting the show. I didn't even know they had done this. Glad I could catch it all here.
Well with all the high level individuals that have now attested to the threat, it is hard to see how anyone can ignore the risks that have been pointed out over and over again. Unfortunately – we all know some will try!!!
To the poster (or editor?) "Kevin" :
You wrote: "Unfortunately – we all know some will try!!!"
No they won't.
So I guess these guys know more than the DNI, FBI and the rest of us.
Brazilian Blackout Traced to Sooty Insulators, Not Hackers
It did not take long for Kevin's predictions to come true
WOW What a coincidence – isn't it?
Yesterday Brazilian officials rebuked 60 Minutes and their report that hackers caused electrical power disruption back in 2005 and 2007. Last night Brazil was hit AGAIN by a power Blackout – cause unknown!
12:22 GMT, Wednesday, 11 November 2009
Brazil blackout
A power blackout affecting large parts of Brazil has left millions of people stranded as underground railways, traffic lights, street lights and electric gates were hit.
Part I :
To the eagle-sharp editor Kevin Coleman:
You wrote: "WOW What a coincidence – isn't it? Yesterday Brazilian officials rebuked 60 Minutes and their report that hackers caused electrical power disruption back in 2005 and 2007. Last night Brazil was hit AGAIN by a power Blackout – cause unknown!"
News update:
1) The 2016 Olympic Games in Brazil aren't going to be held at night.
2) Hackers, though avid of fame, normally DON'T plan their attacks based on the contents of weekly U.S. American fast-food TV shows, which are even completely unknown to anyone outside the U.S.A., except maybe to some cable TV subscribers or 5 star hotel guests abroad.
(Continued)
WRONG many hackers look for people to state their systems are security and hackers can't breach their systems. The hackers then move on those systems just to prove they can! Been that way for years and several nation states and extremists operate the same way.
So, it took them only half a day ( = the time lapse between watching “60 Minutes” and shutting down the biggest power dam in the World) to figure out how to do it?
And short of being fans of "60 Minutes", they had no special motivation?
They must be pretty angry at Saint Peter for having sent a tropical storm in that precise moment to that precise spot, which casts slight doubts now over their claims…
Ever heard of preplanning. The U.S. found code in our infrastructure that could have been used to disrupt our system. We removed it!
Part II :
3) The Itaipu dam IS the largest operational hydroelectric power plant in the world. Its only problem: Its geographical location, so far to the South that the water reservoir even enters Paraguay and affects Argentina too. That pharaonic dam needs to transport its 14.000 MW ( = the equivalent of burning 434.000 barrels / 69.000 m3 of oil / an ultra-large tanker every single day) across thousands of kilometers of empty landscape. During tropical storms, problems CAN happen to any of the lines…
(Continued)
Part III :
And if it's safety during black-outs you're worried about:
4) Brazil has no terrorists, not since the 70's. Terrorists don't operate on electricity in their sockets either.
5) Brazil can easily pour another 40.000 troops into Rio, like they did during the 1992 Earth Summit. Rio's streets were EMPTY during that summit, emptier than those of Tchernobyl!
Not that they truly needed to increase the number of security personnell: Actually, the oldest and biggest challenge to Brazil's Police is showing minimal self-restraint, not to look as murderous in the newspaper as the thugs themselves.
(Continued)
Brazil has no terrorists. How can anyone make that statement?
Part I :
Not one. Name them, or their groups, or their victims, NAME JUST ANYTHING to back this truly ignorant claim!
Or ask the poster "Vitor", a(nother) Brazilian on the newer thread about the same topic, Christian Lowe's "Brazil’s Blackout Soot or Cyber?" article, if you don't believe ME . I'm French, but I spent most of my life there – and most of my family still lives there! Muggers yes, burglars yes (we shot quite a few there), and every Brazilian is corrupt like a pig too, but terrorists… NO !!! 99 % of all Brazilian criminals are even too primitive to use rifles with or without scopes for their assassinations, can you imagine that? I believe that they're also too drugged to use automatic weapons properly! Which makes them not less lethal, even in broad public and in front of C.C.TV's. Imagine for example that you're a honest but indebted hotel receptionist, and your interests are overdue to a loan shark. That's what happens to you, in front of all clients, “live” on TV :
(Continued)
Part II :
http://www.youtube.com/watch?v=MwVvMEvePhg
(56 seconds long video)
But that's got nothing to do with "terrorism" and "cyber-war" and "60 Minutes" etc., that's just what you get when you mix so many races that the genes, while recombining, find no more common traits to form another human being… Brazilians don't even have any radical parties, discriminated minorities or fundamentalistic clerics etc., just lots of crazy U.S. American sects! So, next time when you digress about a country you know nothing about, try not to describe it through the impoverishing prism of the U.S.A. and its "G.W.O.T." .
Part IV :
Brazilian Police officer shooting two suspects on a motor-bike, in the middle of a city and in bright sunlight, after one of them resisted arrest and tried to grab a hidden gun:
http://www.youtube.com/watch?v=EsEEJNYMoX0
(58 seconds long video. Slide forward to the 16th second)
My kudos to him! I would take my hat off for him, if I ever met him! May they all treat every darkie scum-bag in shooting range the way he does!!!
But he's far from alone: In the past 11 years, more than 10.000 (!!!) criminals have been shot by the Police IN RIO DE JANEIRO ALONE , according to a study published last Monday.
http://www.javno.com/en-world/rio-police-killed-1...
Not even the U.S. Police is that productive, even so many targets around! Until the recent past, Brazilian policemen even got a well-deserved money reward for every criminal they simply shot where he stood! What else can you do for Justice?
The 60 Minutes piece was good, but a bit alarmist. Yes Admiral McConnell is correct we are vulnerable in cyber-space, but so is every industrialized nation. Yes Hackers are probing the critical infrastructure, probably even some on the payrolls of other countries. Rep Langevin is concerned with the security of the infrastructure, but also he he is pissed off because the utilities called before his committee "lied" to him. He said in the video, and then says he wants to change the system so they will be accountable to the government. He has the power companies in his sights.
Kevin needs to stop asking when something is going to be doen and start realizing nothing in a bureaucracy happens overnight. DHS just opened its National Cyber Center on 30 October. Cyber Command is moving from intial operating capability to full capability as we speak.
Action is being taken, sorry if it isn't fast enough for you.
I will not stop asking and pushing until the private sector that owns 85% of the critical infrastructure is mandated to secure it. While there is movement in DHS and DoD the private sector is all but at a standstill.