During a security conference held in New
Orleans, US
Central Intelligence Agency senior analyst Tom Donahue said that the government
agency has information from multiple regions outside the United States about
“cyber intrusions into utilities, followed by extortion demands.”
Donahue didn’t provide any specific details, but he said: “We
suspect, but cannot confirm, that some of these attackers had the benefit of
inside knowledge. We have information that cyber attacks have been used to
disrupt power equipment in several regions outside the United States”
Also, the security analyst that CIA is investigating at
least one case in which the disruption caused a power outage affecting multiple
cities.
“We do not know who executed these attacks or why, but all
involved intrusions through the Internet,” Donahue explained.
According to Mr. Donahue, the CIA actively and thoroughly
considered the benefits and risks of making this information public, and came
down on the side of disclosure.
According to AP, a CIA spokesman Friday declined to provide
additional details. "These comments were simply designed to highlight to
the audience the challenges posed by potential cyber intrusions," said
spokesman George Little.
Last year, the security companies warned that the rise in
international cyber spying will pose the single biggest security threat in
2008.
While past attacks were designed to destroy data, today’s
attacks are increasingly designed to silently steal data for profit without
doing noticeable damage that would alert a user to its presence.
According to a report released in November 2007 by the
security company McAfee the governments and allied groups are using the
Internet for cyber spying and cyber attacks and the targets include critical
national infrastructure network systems such as electricity, air traffic
control, financial markets and government computer networks.
Also, earlier this week, the SANS institute revealed the
list of The 10 SANS vulnerabilities, in order of estimated seriousness:
1. Sophisticated Web site attacks exploiting browser
vulnerabilities
2. Increasingly sophisticated botnets
3. Cyber espionage by well-resourced organizations
4. Mobile phone threats
5. Insider attacks
6. Advanced identity theft from persistent bots
7. Increasingly malicious spyware
8. Web application security exploits
9. Blended social engineering and phishing attacks
10. Supply chain attacks infecting consumer devices such as
USB thumb drives, photo frames, and MP3 players.
