By Tom Espiner, 21 January 2008 14:53
NEWS
The CIA has said a cyberattack caused a power blackout in multiple cities in a country outside the US. Security training body the Sans Institute reported the CIA's disclosure.
Full Disclosure campaign
silicon.com is aiming to make businesses and government take data security more seriously. Read more here.
CIA senior analyst Tom Donahue told a Sans Institute conference in New Orleans that the CIA had evidence of successful cyberattacks against various countries' critical national infrastructures.
Donahue said: "We have information that cyberattacks have been used to disrupt power equipment in several regions outside the US. In at least one case, the disruption caused a power outage affecting multiple cities."
Donahue added the CIA does not know who executed the attacks or why, but that all of the attacks involved "intrusions through the internet".
He said his organisation had evidence of blackmail demands following demonstrations of successful intrusions.
Donahue said: "We have information, from multiple regions outside the US, of cyber-intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge."
The CIA does not normally make this information public. According to Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure, the Sans Institute reported.
Alan Paller, director of research at the Sans Institute, warned over three years ago about demonstrations of denial of service to computer systems, followed by demands for cash.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below