Another emerging actor is the Syrian Electronic Army, an activist group that has claimed responsibility for hacking the Twitter accounts of major Western media outlets, such as the Associated Press last month, when its hackers sent a fake tweet about explosions at the White House that briefly sent U.S. stocks plunging.
The U.S. power grid is the target of daily attempted cyber attacks, according to a report by California Representative Henry Waxman and Massachusetts Representative Ed Markey released at the House Energy and Commerce Committee’s cybersecurity hearing on Tuesday.
More than a dozen utilities report daily, constant or frequent attempted attacks, ranging from unfriendly probes to malware infection, according to the report. (To read the report, see)
Gerry Cauley, chief executive of the North American Electric Reliability Corp, told the Reuters Cybersecurity Summit that computer viruses have been found in the power grid that could be used to deliver malicious software to damage plants. NERC is a non-profit agency that oversees and ensures the reliability of bulk power system in the region.
Experts say that with so many unknown hackers trying to infiltrate U.S. industrial control systems, they fear someone somewhere - perhaps even an amateur - will intentionally or unintentionally cause damage to power generators, chemical plants, dams or other critical infrastructure.
“Even if you don’t know how things actually work, you can still wreak havoc by crashing a device,” said Ruben Santamarta, a senior security consultant with IOActive. “Probably in the near future we may face an incident of this type, where the attackers will not even know what they are doing.”
Santamarta has identified hundreds of Internet-facing control systems -- on the grid, at water treatment facilities and heating and ventilation systems for buildings including hospitals. He has also uncovered bugs built into industrial control equipment.