YOU ARE HERE: LAT HomeCollections


Hackers Target Energy Industry

Computers: Attacks at power companies are up substantially. Some experts blame industrial spying and mischief, others fear terrorism.


SAN FRANCISCO — Power and energy companies are fast becoming a primary target of computer hackers who have managed to penetrate energy control networks as well as administrative systems, according to government cyber-terrorism officials and private security experts.

Experts cite a number of potential sources for the post-Sept. 11 increase in hacker attacks, including industrial espionage and malicious mischief, but Ronald Dick, director of the FBI's cybercrime division, said he is concerned that the nation's power grid now may be moving into the cross-hairs of cyber-terrorists.

"The event that I fear most is a physical attack in conjunction with the success of a cyber attack on an infrastructure such as electric power or 911," the emergency telephone system, Dick said.

The raft of recent attacks has been confirmed by private computer security companies.

Riptech Inc., an Alexandria, Va., security firm, said that since January, 14 of its 20 energy-industry clients have suffered severe cyber attacks that would have disrupted company networks if they had not been detected immediately. The number of attacks is up 77% since last year.

Power and energy companies experienced an average of 1,280 significant attacks each in the last six months--far more than companies in any other industry sector--according to Riptech's semiannual client analysis.

"Unequivocally, these nets are vulnerable to cyber attack, and, unequivocally, one outcome could be disruption of power supplies," said Tim Belcher, Riptech's chief technology officer.

Last year's power crisis in California, the Enron Corp. scandal and the declaration of bankruptcy by Pacific Gas & Electric Co. have revealed an industry that is fragile, high- profile and wracked with confusion and administrative chaos. Experts suspect that the glare of adverse publicity has drawn the attention of not just joyriding hackers, but also corporate saboteurs and terrorists.

More than 70% of the attacks came from North America and Europe, suggesting that traditional hackers are now turning to a fresh and vulnerable victim. The second-most popular hacking target among Riptech clients was financial service companies, a longtime hacker favorite. Riptech, which serves Fortune 500 corporations, smaller companies and government agencies, was founded by former top Defense Department officials to provide computer security.

A geographical analysis of Riptech data also shows that a small number of attacks--1,260 out of a total of more than 180,000--originated in countries where terrorists groups are known to be concentrated. Hackers in those countries targeted power and energy companies more consistently and aggressively than any other industry. The most active attacks originated from Kuwait, Egypt and Pakistan--countries that have relatively developed computer networks and a growing pool of experienced hackers.

Energy power systems have ironically become a choice target because of efforts to modernize them for greater efficiency. The weak link--a group of remote control devices known as Supervisory Control and Data Acquisition systems--"have been designed with little or no attention to security," according to a recent report by the National Research Council, an arm of the National Academy of Sciences.

The systems, which are used to control the flow of oil and water through pipelines, and monitor power grids, were once impervious to hackers because they were completely isolated from other computer systems.

Today many such systems are connected to the Internet, and therefore vulnerable to hacking. The FBI also blames a rapid increase in hacking attacks in recent years on the proliferation of hacking software posted online. Such tools require little computer expertise, are readily available worldwide and are becoming increasingly simple to use. Some are directly applicable to electrical power systems.

"One of the places [hackers] are certainly attacking are those known vulnerabilities," Dick said. "The rise in the number of incidents reflects of the ease with which these tools are utilized."

Surreptitious hacking tests conducted by special Defense Department information warfare squads known as "red teams" in 1997 found power grid control systems susceptible to attacks; recent, similar vulnerability testing by Riptech for its own clients resulted in network penetrations virtually 100% of the time, Belcher said.

"Two years ago, there were people who didn't have a clue--who said, 'Why would somebody want to attack us?' That is not the case today," said Will Evans, vice president of People's Energy, a diversified power company in Chicago.

"The problem is not today, but tomorrow," he said. "Whatever you've got today someone may discover and exploit against that tomorrow.... You need to finance a very active cyber-security program."

Evans, consistent with the policy of nearly all energy companies, declined to comment on specific attacks against his company.

Los Angeles Times Articles