Friday, May 30, 2008

Did Chinese hackers cause the 2003 blackout?

Here's an excellent article which talks about the possibility that Chinese hackers from the PLA may have had a hand in causing the 2003 blackout in the northeast and another one in Florida. I'm not sure if I believe this, mostly because I'd like to pretend that the nation's power grid is more protected than that (although deep down I know it isn't). My favorite quote:
A second information-security expert independently corroborated Bennett’s account of the Florida blackout. According to this individual, who cited sources with direct knowledge of the investigation, a Chinese PLA hacker attempting to map Florida Power & Light’s computer infrastructure apparently made a mistake. “The hacker was probably supposed to be mapping the system for his bosses and just got carried away and had a ‘what happens if I pull on this’ moment.” The hacker triggered a cascade effect, shutting down large portions of the Florida power grid, the security expert said. “I suspect, as the system went down, the PLA hacker said something like, ‘Oops, my bad,’ in Chinese.”
The rest of the article talks about other cyber-threats occuring from China, including cyber-espionage. One interesting quote:
During a trip to Beijing in December 2007, spyware programs designed to clandestinely remove information from personal computers and other electronic equipment were discovered on devices used by Commerce Secretary Carlos Gutierrez and possibly other members of a U.S. trade delegation, according to a computer-security expert with firsthand knowledge of the spyware used.
This would be a great article to summarize for your execs, especially if they travel overseas. China is well-known to use any tactic they can (including information theft) in order to gain a competitive advantage. What are you doing to protect your information for your employees when they travel out of the country?

No comments: