- From: The SANS Institute
- Date: Fri Jan 18 14:59:14 2008
CIA Confirms Cyber Attack Caused Multi-City Power Outage
On Wednesday, in New Orleans, US Central Intelligence Agency senior analyst Tom Donohue told a gathering of 300 US, UK, Swedish, and Dutch government officials and engineers and security managers from electric, water, oil & gas and other critical industry asset owners from all across North America, that "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
According to Mr. Donohue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure.
Delegates at the meeting shared information on how attackers are eluding current defenses and on promising practices for mitigating the most critical vulnerabilities. They also shared a jointly developed "SCADA and Control Systems Survival Kit." Next week an electronic version of the Survival Kit will be available (free) to all SANS alumni. Email firstname.lastname@example.org.