digg

Facebook Connect Join Digg About
See the original image at greenercomputing.com

Utilities investigate grid hack by Chinese spies

greenercomputing.com More bad news on the security front for the Smart Grid: The Wall Street Journal reports that the electric utility industry is negotiating with a defense contractor to determine whether spies from China and elsewhere have already hacked into the U.S. power grid.

Who dugg this? Made popular Jul 2, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

35 Comments

show profanity settings
expand all
  • Pinkertinkle, on 07/02/2009, -0/+30Pretty sure China is checking to make sure our power is running so we can keep paying the interest on all those hundreds of billions of treasury bonds they own.
  • Antiman1337, on 07/02/2009, -0/+14When I first read this, the first thing that came to my mind was Bruce Willis...and I'm not sure why.
  • mysticalone, on 07/02/2009, -3/+16IM IN UR GRIDZ FRYING RICE!
  • bboy1977, on 07/02/2009, -2/+8Another ***** sensationalist story by the similar to the WSJ crap. I work for a major utility company in the IT department and while there may be or probably are vulnerabilities in our systems supporting transmission and distribution operations, describing these complex systems and infrastructure supporting these operations as a "Smart Grid [that] will essentially be powered by a giant computer network, and will be connected to the Internet and many private enterprises" is grossly misleading.

    "Chinese hackers" are the least of our worries... severe thunderstorms, hot summer days, operator error or unauthorized access to energy trading systems would wreak far more havoc or damage.

    WSJ got it wrong on their coverage of TJX hacking incidents and they are wrong here also.
  • nedzalife, on 07/02/2009, -0/+5actually, it's not fake at all. take it from the main security network guy at GE capital. Chinese hackers have had rootkits in unix systems 15 years ago. Watch the full thing. You'll learn a thing or two about how stupidly vulnerable the internet is.
    http://www.youtube.com/watch?v=UM4ZrsOjmNQ
  • srs2000, on 07/02/2009, -0/+4.... Causing havoc with the grid would not be the end game. You are making it seem as though that would be their goal. That would just be screwing with us.

    The fear is that they would take out the grid and THEN do what they had planned. ALL they are doing now is probing and mapping out the grid and more than likely putting in back doors so they can get in when they want to. It is not in their interest at the moment to do this. Down the road... Maybe.
  • PandaBearShenyu, on 07/02/2009, -1/+5Red scare 2.0?

    DEY HACKED ER GRIDZ
  • sndream, on 07/02/2009, -0/+3WSJ confirmed the attack come from Chinese spy by looking at IP address which according to them is THE most reliable piece information on Earth.
  • Tanktunker, on 07/02/2009, -0/+3Flying lice.
  • LibertyPrime, on 07/02/2009, -0/+2God damn black lotus.
  • iDoraemon, on 07/02/2009, -1/+3Spies possibly from China hacked through the security of an American utilities grid? The same China with programmers that developed the craptacular government-sponsored Green Dam program?

    That's pretty f'ing sad.
  • Pother, on 07/02/2009, -0/+2Yes but the question is, how many points of connection between the control/monitoring network, and the internet?!?!
    That's what I don't get...
    ...knowing what the internet is, WHY even tempt the security breach with such a connection?!?!
  • alappat1, on 07/02/2009, -0/+2I wonder how much it would cost to implement a secondary network that's physically isolated from the first... 100 billion or more? Then again it wouldn't be effective if the spy simply came onto US soil and tampered with the new network. What else could be done... high level encryption? Open sourcing the code in the devices themselves for review by American citizens; crowd sourcing debugging and security consultancy (while this seems counter intuitive; i think over the long term it would result in fewer security breaches as several million people will be helping to note the flaws in the system)
  • bentcardan, on 07/02/2009, -0/+2The Wall Street Journal is a reputable source for information. -Bent Cardan
  • MWeather, on 07/02/2009, -0/+2They HAVE found backdoors in chinese hardware. Hardware that had been installed in sensitive and top secret government networks for months and even years.
  • srs2000, on 07/02/2009, -0/+2They hacked digg's grid.
  • andreusboy, on 07/03/2009, -0/+2Crowd sourcing vs security through obscurity. The grid would be as secure as the skill of those who program it behind closed doors or as solid as the collective coding knowledge of the contributors is harnessed. If there was a flaw in the open system and not published/fixed before it could be exploited it could cost dearly to the infrastructure depending on the inflicted damage or data loss. Plus such a system being open, it would be a ultra high value target by foreign enemy espionage and thus greater risk of being exploited or constantly being under attack.

    I'm not trying to advocate security through obscurity but which one would be riskier in this case?

    Ultimately as of right now with current existing technology a proposed best approach would be a combination of isolated grid and extending open frameworks with closed source and end to end encryption. That way at leas you can narrow down the point of entry if attacks are attempted.
  • inactive, on 07/02/2009, -1/+3Given that most of our electronic devices are manufactured by Chinese CEMs and ODMs, I wonder how many of these devices (especially networking devices) have backdoors and other vulnerabilities designed-in at the request of the Chinese state?
  • JohnnySoftware, on 07/12/2009, -0/+1Dugg for historical accuracy - I mean irony.
  • JohnnySoftware, on 07/12/2009, -0/+1The first time I heard about IP spoofing was in an article about the author of Takedown, who caught and busted Kevin M. The second time I heard about IP spoofing was in an article by "Security Now" podcaster who said when XP was in beta he warned them that you can't just let applications send raw IP packets including application specified source IP addresses - and they just laughed at him and did it anyway.

    He claimed if they did that there would be lots of worms coming out for that ran on the MS-Windows platform and were hard to block/filter.

    There are now.
  • JohnnySoftware, on 07/12/2009, -0/+1GE Capital was the largest collector of banking bailout money. 0_o
  • nickem, on 07/04/2009, -0/+1Flying Ur lectrons
  • antdude, on 07/02/2009, -0/+1Movies tend to get stuck in your head. :P
  • Rivetgeek, on 07/02/2009, -1/+2what is with all the comment spam? Its like the chinese spam bots are programmed to spam any story mentioning the word china
  • sh0rtstop00, on 07/02/2009, -0/+1why can't they use switches?
  • Chaotyk, on 07/02/2009, -1/+2NO DUDE IT'S LIKE TOTALLY POSSIBLE SERIOUSLY I SAW THEM DO IT IN DIE HARD ALSO THEY CAN ASPLODE OUR GAS PIPELINES AND HACK ALL OF OUR WEBS CAUSE THEY ARE LIKE CRAZY ASIAN HACKERS AND COMPUTERS ARE POWERED BY MAGIC AND LEPRECHAUNS AND THE CRUSHED DREAMS OF CHILDREN SRS BZNZ GUYS
  • daeus, on 07/02/2009, -0/+1Plain noodles, no beansprouts, pot of curry source, bbq ribs and some prawn crackers.

    winar
  • Rivetgeek, on 07/02/2009, -0/+1Then we'll have all those damned dirty shinese bots
  • Chaotyk, on 07/02/2009, -0/+1Supah hackah ready foh up-leenk.
  • GingerNutter, on 07/02/2009, -0/+1We'll have to change the word to shina.
  • LoJack, on 07/02/2009, -1/+1Oh no...! Everywhere we look we see enemies. If not Iraq, then it's Iran, or N. Korea, Russia, China, Timbuktu... Why are so unlucky? Ah...!!!

    No, we are not paranoid. I repeat, not paranoid. Don't call us paranoid, or we'll carpet bomb you, SOB...
  • freedomischaos, on 07/02/2009, -1/+1None, and you can check for yourself. Learn some basic electronics. If there were some backdoors they would have already been found by now.
  • kwhatcher, on 07/20/2009, -0/+0What wee need is a new way of thinking computer security. Just found this. Very promising! Some of the smarter power companies are already using the application white-listing approach.

    http://digg.com/d1xAZU
  • amigabill, on 07/02/2009, -0/+0Why is stuff like this even on the public internet?
  • inactive, on 07/02/2009, -8/+1Nobody hates America. We've got nothing to worry about.

    Why bother with security? it's just a waste of time and money.

    Screw it, while we're at it, let's disband the military and make pez despensers out of all of our nuclear warheads.

    We can study whales humping with all the leftover submarines.

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.