Donahue didn’t provide any specific details, but he said: “We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States”

Also, the security analyst that CIA is investigating at least one case in which the disruption caused a power outage affecting multiple cities.

“We do not know who executed these attacks or why, but all involved intrusions through the Internet,” Donahue explained.

According to Mr. Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure.

According to AP, a CIA spokesman Friday declined to provide additional details. "These comments were simply designed to highlight to the audience the challenges posed by potential cyber intrusions," said spokesman George Little.

Last year, the security companies warned that the rise in international cyber spying will pose the single biggest security threat in 2008.

While past attacks were designed to destroy data, today’s attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence.

According to a report released in November 2007 by the security company McAfee the governments and allied groups are using the Internet for cyber spying and cyber attacks and the targets include critical national infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks.

Also, earlier this week, the SANS institute revealed the list of The 10 SANS vulnerabilities, in order of estimated seriousness:

1. Sophisticated Web site attacks exploiting browser vulnerabilities
2. Increasingly sophisticated botnets
3. Cyber espionage by well-resourced organizations
4. Mobile phone threats
5. Insider attacks
6. Advanced identity theft from persistent bots
7. Increasingly malicious spyware
8. Web application security exploits
9. Blended social engineering and phishing attacks
10. Supply chain attacks infecting consumer devices such as USB thumb drives, photo frames, and MP3 players.