Friday, January 22, 2010

Chinese, Russian, Turkish Hackers Almost Certainly Targeting, Penetrating US Energy Provider Networks (Project Grey Goose)


Jeff Carr, author of Inside Cyber Warfare and IntelFusion, along with Sanjay Goel at the State University of New York, Albany and other contributors, has recently completed another of the Grey Goose reports, this time on hacker attacks on the power grid, both domestically and internationally.

The report's key findings are chilling:

  • "State and/or Non-state actors from the Peoples Republic of China, the Russian Federation/Commonwealth of Independent States, and Turkey are almost certainly targeting and penetrating the networks of energy providers and other critical infrastructures in the U.S., Brazil, the Russian Federation, and the European Union."
  • "Network attacks against the bulk power grid will almost certainly escalate steadily in frequency and sophistication over the next 12 months due in part to international emphasis among the G20 nations on Smart Grid research, collaborative development projects and the rich environment that creates for acts of cyber espionage"
  • "The appeal of network intrusions against the U.S. Grid is enhanced by two key factors:"
    • "90% of the U.S. Department of Defense's most critical assets are entirely dependent on the bulk power grid."
    • "Most Grid asset owners and operators have been historically resistant to report cyber attacks against their networks as well as make the necessary investments to upgrade and secure their networks."
Grey Goose reports are volunteer efforts to analyze various cyber threats through the use of open source information. Previous reports have analyzed the Russia-Georgia cyber war and the evolution of cyber warfare.

In the interest of full disclosure: Jeff kindly listed me as a "reviewer" in the recent report but my input was limited to a little light editing. I don't consider myself a cyber war expert. I do think, however, that Jeff's record and the records of his co-contributors' speak for themselves and believe that those interested in this area (and those who should be interested in this area) need to read this report carefully (whether you ultimately agree with its conclusions or not).
Reblog this post [with Zemanta]

1 comment:

Kirk said...

This has been something that I have been thinking about. Our infrastructure is too vulnerable...easy "soft target."