Tuesday, April 14, 2009

SCADA Watch: China, Russia Top Sources of Power Grid Probes

Brian Krebs writes on Security Fix:

Last week, blogs and the mainstream press alike were abuzz with reports that Chinese and Russian hackers had penetrated the U.S. power grid and left behind secret back doors. The original story, a piece in the Wall Street Journal, was light on details, and many readers have asked me if I uncovered additional nuggets of knowledge about the existence of these back doors. I have not.

But I have discovered some interesting data published recently, which seems to support the notion that China and Russia are quite interested in locating digital control systems connected to our nation's power grid and other complex critical infrastructures.

The data comes from a white paper [.pdf] released late last month by Team Cymru, a group of researchers who try to discover who is behind Internet crime and why. That document sought to provide empirical evidence to show which nations were most active in probing our networks for the presence of highly specialized systems designed to control large, complex systems.

These so-called "supervisory control and data acquisition" (SCADA) systems help engineers monitor, communicate with, and control equipment used for energy generation and distribution (SCADA systems also help manage other complex systems, such as water networks, transportation switching systems, etc.).

More here.


At Tue Apr 28, 01:20:00 PM PDT, Anonymous CroAxis said...

I have just had a quick look at Brian Krebs' article in the Washington Post and I got a little bit surprised.

The pie chart that is presented by Steven Santorelli from Team Cymru is pretty shocking. According to this chart the majority - and let's say 90% - of internet-based scans towards SCADA channels originate from China!

There is one thing that I am not entirely clear about: are these infrastructural networks actually connected to the internet? I have thought that these systems work on a closed-network basis so far, but I guess I was mistaken and SCADA communication channels are also based on the web. Which in this case sounds very scary!

