Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows?
Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary... A little too scary and not enough detail to convince some commentators, including those who relate this story to somewaht similar stories from the recent past as well as to current political initiatives to give the US government increased control over the internet. Conspiracy theories abound.
Potential attacks on SCADA (Supervisory Control And Data Acquisition) systems have been a major concern in national security circles for many years, as I seem to have said once or twice before. And so they should be: attacks on essential services shouldn't, in general, be vulnerable to internet attack (if that's what this somewhat fuzzy story is referring to - if we're talking about physical intrusion to plant malware, that's another issue, but I've seen no corroboration to date of such intrusion).
Even SANS, which has been accused of overstatement from time to time, has come up with a sensible comment from Joel Esler (who is certainly nobody's fool). Hopefully, he's right in suggesting that it's unlikely that essential equipment in power stations is run by computers connected to the internet.
However, until a few days ago I'd have said it was equally unlikely that the UK government would entrust the provision of critical communications hardware to a Chinese supplier alleged to be funded by the State with links to the People's Liberation Army.
Where is Sean Gorman when you need him? And would the gentleman who asked about the possibility of Conficker attacks on the grid please keep that thought to himself?
(Thanks to Aryeh for alerting me to the newly minted term cypersecurity. I think it was someone's typo, but I'm certainly feeling cypersecuted myself at the moment. Just because you're paranoid....)
David Harley
Director of Malware Intelligence
