Thursday, April 09, 2009

Digital Pearl Harbor, Cyber 9/11, and E-Qaeda

Brian Krebs writes on Security Fix:

I mention this because at any one time, computers at dozens of power companies throughout the United States are compromised by bot programs. And this has been so for years. In 2007, I wrote about penny-stock spam being blasted out of computers at American Electric Power that was confirmed to be the result of a bot infection there.

If you simply examine the list of Internet addresses flagged by anti-spam groups as blasting junk e-mail, you can find dozens of systems that currently are or very recently were infected with bots and backdoors.

To illustrate this concept, I took a few minutes to peruse the Composite Block List as published by (the CBL lists Internet addresses that appear to be acting as open relays for other Internet traffic, or infected with a spam Trojan or some other security compromise).

All I did was sort the CBL list by U.S.-based Internet addresses, and then have a look through them for those assigned to American power companies. One caveat: It is not possible just from looking at this list to say how many -- if any -- of these backdoored systems have access to critical power control networks. Still, this is just from one public source. What's more, these are mostly opportunistic infections, caused by attacks that are random in nature. Now, just imagine the access that a determined adversary could gain.

