January 21, 2008:
The CIA has revealed
that in several foreign countries, criminals have used Internet hacking to take
control of power transmission facilities and used this power (to turn the
lights out) to extort money from the power companies. It's interesting that the
CIA did not name the countries or the power companies, or provide other
details. An urban myth is suspected.
The CIA revelations were made in order to speed up U.S. efforts to make
American utility companies more resistant to this kind of extortion. Cyber
criminals have actually been using similar extortion scams for several years
now. The most public examples have been commercial web operations that were
threatened with being shut down, or damaged by a penetration of the web site
defenses. Many companies have increased their Internet defenses, but the
criminals keep coming up with new forms of attack. The criminals operate from
countries where the local police are unable, or unwilling, to help crack down
on such crimes. The extorted money is transmitted to accounts in such
countries, and then on to several more accounts, making it very difficult to
track down.
Cyber War experts get nervous about
this sort of thing because one could fight a war using the same weapons. Shutting
down power plants, and other utilities, as well as other commercial sites, has
real military value. This is what bombing campaigns have done for over seventy
years, and you can, in theory, do it a lot faster via network connections. To
prevent that, defenses must be built. At the moment, no one is really sure what
effective defenses are. Meanwhile, the bad guys find out every day, which
offensive weapons work.