Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system:
Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”
Officials said water, sewage and other infrastructure systems also were at risk.
Addendum: Robert Graham reminds us not to trust anonymous officials with unverifiable stories of invisible threats:
Another quote from the story is:
Last year, a senior Central Intelligence Agency official, Tom Donohue, told a meeting of utility company representatives in New Orleans that a cyberattack had taken out power equipment in multiple regions outside the U.S. The outage was followed with extortion demands, he said.I know of a similar story, told to me by the people who investigated the incident. It appeared that hackers had broken into the power control systems (in a country outside the US), caused a small blackout, and had made ransom demands. As it turns out, it was an inside job, not an attack from the outside. Both the outside “hacker” and the inside guy (who flipped the appropriate switch to cause a blackout) were arrested and put in jail.
There are a lot of government officials, he notes, who stand to gain by increasing government control over the Internet.