« The Logic of Life, by Tim Harford | Main | Markets in everything: buy put options on your gadgets »
Hackers Extort Cities?
Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week....
"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands," he said in a statement posted to the Web on Friday by the conference's organizers, the SANS Institute. "In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
I am highly suspicious - why has no one heard of this before? - but every year I do feel more and more like I'm living in a Neal Stephenson novel.
Posted by Alex Tabarrok on January 19, 2008 at 12:52 PM in Economics | Permalink
Comments
I never heard of planes being flown into buildings before but it happened. LA had a cyber attack by a disgruntled employee. Its private enterprise..
Posted by: edwardseco at Jan 19, 2008 2:01:58 PM
Why on Earth are utilities connected to the Internet?! If you need to have access to the Internet let those Macs and PCs connect from a completely separate network. The actual functional part of the utility should be no where near the public. The same thing you would do with computers that are handling secret documents. Sigh.
Posted by: Robert at Jan 19, 2008 2:53:50 PM
I am also suspicious.
Posted by: at Jan 19, 2008 3:35:39 PM
We will be subjected to an increasing number of unsubstantiated and unverifiable fear-inducing Internet terror stories, because the Internet is a real pain for American governance.
These "cyber-terror" stories are a bunch of bollocks. Expect more.
edwardseco, if you realy never heard of or read about jet planes being flown into buildings before 9/11, I want to live in your backwater. I could use the peace and quiet.
2 movies, 5 novels, and at least one Presidential Daily briefing.
Posted by: Joey Giraud at Jan 19, 2008 3:59:20 PM
sounds like the CIA is consulting movie plots for their intelligence. Wasn't this the basis for the latest Die Hard movie?
Posted by: Taggert Brooks at Jan 19, 2008 4:28:53 PM
Hm, and this hacking claim hot on the heels of Mike McConnell's desire to have NSA surveil all the US's internet traffic.
Luckily, I'm not a suspicious man.
Posted by: Arr-squared at Jan 19, 2008 4:50:32 PM
After all that has happened do we still give credence to any thing that they (U.S. Central Intelligence Agency) say? :-)
Posted by: Floccina at Jan 19, 2008 5:07:07 PM
am highly suspicious - why has no one heard of this before?
I buy the skepticism of the fear mongering that our government is doing.
However you have never heard of extortion before? That's a daily occurrence. Taking over utilities? Trivial. Utilities - especially in third world countries do not have financial or regulatory incentives to properly protect their networks. One of the hardest things I do as an IT security professional is to put in controls and processes to manage access to networks. Systems that have traditionally not been network connected are now being connected (usually without anyone's knowledge). PBX, manufacturing equipment, monitoring equipment, etc etc are all now connected. Just 3 months ago I tracked down a break in to a customers network to a Laser Labeler installed in a manufacturing plant by a vendor. There are ebay like action sites now to buy and trade malware.
Lastly - phone systems, utilities, financial companies, etc have all been broken into. The reason you haven't heard more of it is simple. They don't want you to. It breaks trust in their product so they like to keep things quiet.
Posted by: yoshi at Jan 19, 2008 6:20:51 PM
edwardseco and yoshi, what I find difficult to believe is that hackers trying to extort money could have caused power outages affecting multiple cities and this would not be front page news around the world. If this has happened it is big news and not the sort of thing that can be easily covered up. Moreover, many of the security experts at the conference had never heard this before either. So I remain suspicious.
Posted by: Alex Tabarrok at Jan 19, 2008 6:39:09 PM
We have to be real careful to read what the analyst said, not power disruptions but equipment disruptions. In other words the attempt was made without success but with threat of more to come. This kind of thing has been around for years done by insiders. More recently a disgruntled employee erased the database for a company as revenge in a payment dispute. Good rules are:
Good computer security pays.
Good backup system is a must.
Limit computer access on a need to know basis.
Don't know how many of us do this on our home networks/computers! I didn't read the article as much a national security issue as common sense. Modern life..
Posted by: edwardseco at Jan 19, 2008 7:59:49 PM
It seems to me that if this were actually possible, the Russians would have already pulled it off in their last cyber attack on the Baltic States.
Posted by: Robert Olson at Jan 19, 2008 8:21:58 PM
Info from these guys? Seriously, information from the CIA, BEA and BLS needs to be responded to with a
guffaw. Good God if you publish this info you only encourage them. No WMDs but evildoer hackers will
turn out the lights.....Remember after the typenol incident they were telling us that crazed
commies would inject poison into the creame filling of the twinkee. there was also the flouride issue..
When will they give up and when will people like you stop giving them any mind at all.........Note
the speculation by posters--the country is going nuts or are we just stupid. Oh yeah the Sandinistas
were going to drive from Nicaragua and invade via Texas........What next.....
Posted by: robert at Jan 19, 2008 10:07:31 PM
Possible.
Hackers combat not the intelligence of the best security specialists but the stupidly of the most naive users, lazy administrators and bad managers.
Posted by: Vit at Jan 20, 2008 4:44:21 AM
I really like this part of a novel I'm reading where an economics professor in Virginia voices skepticism that the main characters in the novel really are succeeding in getting control of electric power delivery systems. I think it is setting us up pretty well for the next plot twist.
Posted by: Randall Parker at Jan 20, 2008 11:21:15 AM
I just hope they can write a better ending than Stephenson.
Posted by: Hamish Barney at Jan 20, 2008 11:15:43 PM
This statement would be more credible if it actually mentions some of those cities and utilities, so that these claims could be (at least partially) verified independently.
For now it does look like unsubstantiated scaremongering.
Posted by: deo at Jan 21, 2008 3:07:23 AM
It seems that some CIA analysts have been watching Live Free or Die Hard in their free time.
Posted by: Matthew Stinson at Jan 21, 2008 10:35:23 PM
Note that utilities are often a part of government and are almost always monopolies. Apply market power theory and voila! they have no clue about how to run their "business". I agree with the general tone of anti-CIA comments; fear mongering is a growth business.
Posted by: David Zetland at Jan 21, 2008 10:46:12 PM
"NATO's inability to deter a cyber attack that virtually paralyzed NATO member Estonia's access to the internet"
A nod to Cato.org..
Posted by: edwardseco at Jan 23, 2008 1:36:51 AM
Amoy abroad heard a 中古車very easy everywhere, there really want to own a car, even if it is 二手車required. This need not employed by the租車 company. The information in this regard, please email me.
Posted by: 租車 at Sep 26, 2008 3:25:15 AM
