Forgot your password?
typodupeerror
The Internet Government Power News

China Denies Role In US Grid Hacks 91

Posted by timothy
from the stopped-beating-my-wife dept.
Slatterz writes "The Chinese government is denying any involvement in the reported infiltration of US electric grid systems. Xinhua news agency quoted Chinese foreign ministry spokesperson Jiang Yu as saying that any sort of involvement from China in the incident 'doesn't exist at all.' The denial follows a report in the Wall Street Journal which claimed that agents from China and Russia along with several other countries had infiltrated the computer systems charged with managing electricity in the US and left behind software payloads which could be used to control or disable electric grids in the US." Bruce Schneier is skeptical about the whole story.
This discussion has been archived. No new comments can be posted.

China Denies Role In US Grid Hacks

Comments Filter:
  • by slimjim8094 (941042) <slashdot3@NosPAM.justconnected.net> on Tuesday April 14, 2009 @09:02AM (#27568965)

    Either they did it and aren't telling (would we?) or these are simple hackers like in Russia, the Ukraine, or even here. Or they're part of the mob.

    This assumption that it must have been committed by the government is unfounded; though I would not be surprised at all. Wouldn't we if we got the shot?

    • Smoke and mirrors (Score:1, Insightful)

      by TheLink (130905)
      If the US Gov did it to China, China would have a nice chat with the US ambassador and use that as ammo in the next round of negotiations (trade/military) etc.

      Same for the other way round.

      And if it were really serious, it'll be more like "Stop that or else!".

      So clearly it isn't anything serious.

      Most of this "China Bogeyman" stuff is just some political posturing or "smoke and mirrors" for some USA entity's benefit.

      Just some distraction from the real issues.
    • Option 3: There was no organized hack and some specialists wanted more government funding!

    • by toQDuj (806112) on Tuesday April 14, 2009 @10:00AM (#27569801) Homepage Journal

      Perhaps it's just a case of the US energy grid getting old and crappy, and someone else needing a scapegoat for the trouble to come.

      B.

    • *OR* nothing really happened, as pointed out multiple time grid control are not on the net, and somebody just overhyped something far more usual like hacker trying to get control on a computer linked to internet for botting.
    • This also reflects the skill set of our technicians. Are our IT professionals too incompetent to keep crackers out? "So easy even a caveman can do it" ...
      FTFA: What about the "additional packages" left behind?
      Let me wrap my head around this ...
      Not only can we NOT keep intruders out of our networks
      Our IT personnel can't even clean the droppings the intruders left behind???

      Maybe we should just hire and pay some Chinese techs to secure our networks then ...

  • Homer Simpson did it as he so dumb and china is just a cover story. Also mr burns is at flat as he is to cheap to upgrade from windows 98 / nt 4.

  • by Anonymous Coward on Tuesday April 14, 2009 @09:03AM (#27568973)

    This is code for "Israel".

    • by furby076 (1461805) on Tuesday April 14, 2009 @09:27AM (#27569299) Homepage
      If Israel hacked the US grid they are most likely getting paid by the US to show the US where the weak-points are. This is not unheard of. Israel is very good with technology and network security. But Israel really doesn't work with Russia, Russia hates Israel - largely due to the fact Israel supported the US during the cold-war against Russia.
      • Israel supported the US during the cold-war against Russia.

        yeah... how about the whole, humiliating Russia's closest allies and nearly causing the start of world war 3, thing?
        Six Day War? Don't remember that? Seriously?
        READ A BOOK!

        • by furby076 (1461805)
          Yup I remember the stories my dad would tell me about the Six Day war. He was involved in it. Israel attacked by muslim countries. So how does that relate to my comment that Russia is not friendly to israel?
      • by steelfood (895457)

        Not necessarily. Israel, France, Britain, and a few other such "allies" all have active intelligence operations in the US, for various reasons. I wouldn't be surprised if hacking into critical infrustructure systems was among the activities of one such country.

        • Re: (Score:2, Insightful)

          by Anonymous Coward

          Not necessarily. Israel, France, Britain, and a few other such "allies" all have active intelligence operations in the US, for various reasons. I wouldn't be surprised if hacking into critical infrustructure systems was among the activities of one such country.

          Puh-lease. Israel likely has active intelligence operations in the US, but there's no way that they hacked into the US power grid illicitly because they have no interest to do so. Israel's intelligence in the US is primarily directed at gathering information about Israel's enemies that the US chooses to withhold (for applying political pressure to Israel--neither country is a perfectly wonderful "ally"). Hacking into the power grid is only useful to someone who wants to attack the US or hold it for ranso

  • by nimbius (983462) on Tuesday April 14, 2009 @09:11AM (#27569079) Homepage

    but could it be possible that for once, we're not under constant attack from enemy nations and have nothing to really fear?
    the last time we cringed in terror at another country as a pretext for invasion, it turned out they were guilty of a lot less than we
    originally conjectured.

    if china were hacking into our powerplants and infrastructure, what purpose would it seriously serve? china manufactures a bulk of american goods, and holds a bulk of american debt.
    we are an economic interest, so one could argue harm to us is harm to china.

    • by emocomputerjock (1099941) on Tuesday April 14, 2009 @09:19AM (#27569203)
      Are you honestly asking what purpose does technological dominance serve? Do you think any nation would turn down the ability to flip the switch on another country, regardless of the status of relations between the two?
    • Nimbius has it right. If anything the US is a satellite of China now. Everything is made there, and at least for now it is in China's best interest to make sure the US can afford their slave made goods. That said, it doesn't mean that China will always want or need the US as a client. One can imagine that once their infrastructure is complete and they have caught up technologically (if they already haven't?) the only thing they will need other countries for is resources. It wouldn't surprise me if thin
    • by Lumpy (12016)

      N O !

      WE have always been at war with eurasia. They are our mortal enemy!

      Please report to the nearest happy-think re-education center or sit in front of your telescreen for another 10 hours for home reeducation.

    • by toQDuj (806112)

      I think it's just the US power grid that is old and is going to give the US a lot of problems very soon: http://www.planetizen.com/node/10879 [planetizen.com]

      B.

    • Re: (Score:3, Insightful)

      by izomiac (815208)

      and holds a bulk of american debt. we are an economic interest, so one could argue harm to us is harm to china.

      Well, apparently China holds 1/16th [wikipedia.org] of the national debt, which is essentially what Japan has as well, so I wouldn't call that the bulk. OTOH, if they did hold the bulk of the US debt, debt as a deterrent isn't that great an idea. Or at least it didn't end well for the Knights Templar [wikipedia.org]...

      • by Huge_UID (1089143)

        King Philip IV was in debt to the Knights Templar, and erased his debt by eliminating the order. We are in debt to China. Reverse situation.

      • by steelfood (895457)

        Not sure what you're referencing to in that source you linked. However, under the Foreign Ownership section, it lists China as the largest holder of US Treasury securities, at 24%, with Japan a 2nd at not-quite-21%. That 24% of foreign ownership might equal 1/16 of the total debt (I haven't done the math yet), but China clearly holds the bulk of foreign-owned debt. Which makes GP correct.

      • Seems unlikely (Score:3, Insightful)

        by TiggertheMad (556308)
        Given that actively infiltrating another country's critical infrastructure and sabotaging it would be considered a provocative act of war by a good number of states, it seems unlikely that China would be eager to do this. Yes, they are communists, but they are not particularly eager to get in a big pissing match with the USA, when they seem to be doing so well selling us anything that isn't nailed down. It is possible that such an act is the action of a independent minded general or politburo functionary, b
    • You're absolutely right

      I'm skeptical of the whole story. Is our eletrical grid really accessible to spies? If our electric grid is connected at all to the public Internet then we have bigger problems, namely TeH Stupid, and we'll soon defeat ourselves with our own dementia.

      Second, When you find software 'payloads', as the story claims the officials have , is your first impulse not to phase out all infected systems and replace them with safe, clean ones? This seems pretty easy to fix.

      • by fluffy99 (870997)
        No. Your first impulse should not be to scrub the obviously infected systems. Take them offline yes, but you need to thoroughly examine them to determine how they were compromised and asses what else might be in your network that you don't know about.
    • by mpe (36238)
      if china were hacking into our powerplants and infrastructure, what purpose would it seriously serve? china manufactures a bulk of american goods, and holds a bulk of american debt. we are an economic interest, so one could argue harm to us is harm to china.

      If this is happening maybe you'd need to look for a party interested in harming both the US and China.
  • by lordandmaker (960504) on Tuesday April 14, 2009 @09:16AM (#27569147) Homepage
    I wish my country's government (UK) was anywhere near that technically adept...
    • by Anonymous Coward

      If it were the UK hacking the US power system, my wall outlets would start leaking oil.

  • the solution is .. (Score:5, Insightful)

    by viralMeme (1461143) on Tuesday April 14, 2009 @09:17AM (#27569157)
    The solution is to take computer systems [opednews.com] charged with managing electricity off the Internet
    • by 0racle (667029)
      http://isc.sans.org/diary.html?date=2009-04-08 [sans.org]

      They may not be. Also, the 2003 blackout was caused by maintenance failures, specifically not trimming trees, not worms.
    • by MK_CSGuy (953563)

      Reading that many of the grid controllers are connected to the internet seemed odd to me too, but it turns out that there are many controllers in remote and desolate places where the only possible communication is through the internet (i.e. through phonelines).
      Now, it would be a good move (security-wise) to place a new isolated fiber\copper network between those controllers, but it does sound more costly than you first think when reading the article.

    • by greyfeld (521548) on Tuesday April 14, 2009 @11:27AM (#27571119) Journal
      While that sounds good, it really isn't a realistic or technically feasible. The grid was not originally designed to handle the huge amounts of electricity that are currently being transferred between entities. The power pools must have some way to manage the flow of electricity across the wires to keep the system from being overloaded and brought down. It is also necessary to monitor the flows to collect the tariffs that are charged.

      For example, if Company A in Oklahoma City sells electricity to Company B in Des Moines, the power pools must be able to verify that there is capacity on the lines in between, whose lines the electricity will be travelling across so that they can maintain the stability of the grid, and collect the tariff paid to all the intervening transmission line owners. Without these systems being connected via computers, there is no way to accurately maintain and monitor the current system.

      As the Northeast blackout of a few years ago pointed out, lack of visibility into these systems can result in a devastating cascade of blackouts. If the Chinese or Russions actually do have Trojan Horses planted in these systems, they could literally bring us to our knees and shut down the country. It is really not that far-fetched since many of the smaller electric companies are locally owned co-ops or run by small cities with little or no budgets for security infrastructure or staff. The NERC CIP standards are certainly a step in the the right direction, but require a huge investment in time and manpower many of these smaller companies can't really afford.

      What it really comes down to in the end is continually increasing rates as customers demand reliability from their electricity provider. This reliability comes in the form of better computer controls of the electric system along with increases in the security around those systems. It is no longer feasible from a cost perspective to have a human being at each substation and switch gear with a walkie talkie. Utilities are trying to keep the rates down by automating the systems. Unfortunately, that introduces a new kind of risk. The risk that they are hacked, not only by the simple hacker, but by the nation state that views having a backdoor into our systems as a type of insurance in the event of war.

      • by IP_Troll (1097511) on Tuesday April 14, 2009 @12:58PM (#27572685)

        it really isn't a realistic or technically feasible.

        Either you missed the point of the OP or are ignoring it on purpose. There is no reason for the power grid to be on the consumer internet and you cited none.

        The power grid was designed before the internet.

        The controls you described to switch power between providers already exist. There is not a human being flipping switches at every substation with "walkie talkies", there is already an automated system to switch power which is completely independent from the internet. If you want to upgrade this already existing network to include modern hardware, do not connect it with the internet.

        You are acting like it is impossible to create a network of computers without WWW access. The power grid doesn't need twitter, or even a GUI interface, it just needs to send simple signals between embedded systems. transmitting signals between embedded systems can be accomplished without connecting the power grid to facebook.

  • (Routers & Switches) installed at these locations (Plus the DOD, FBI etc) are manufactured in China I'm surprised they'd even bother with something like this bearing in mind they can probably already read Obama's email and listen to most of his phone calls. If they did do it it was probably just a proof of concept or a shot over the bows.

    Nil illegitimi carborundum

  • Schneier (Score:2, Interesting)

    by Yvanhoe (564877)
    Schneier is a computer security expert, not a geo-strategist, and he was wrong about Iran's lost connectivity a few months ago when we all discovered the high frequency of Internet cables malfunctions.
    • by viralMeme (1461143) on Tuesday April 14, 2009 @09:28AM (#27569329)
      "Schneier is a computer security expert, not a geo-strategist, and he was wrong about Iran's lost connectivity a few months ago when we all discovered the high frequency of Internet cables malfunctions"

      In what way was Schneier wrong about Iran [schneier.com] and how does not being a geo-strategist relate to the validity of the claims that China infiltrated the US power grid?
      • by Yvanhoe (564877)
        In saying that this was a utterly strange coincidence and saying that Iran was offline. He later made corrections, but was wrong in assuming for instance that one router offline meant Iran was disconnected. On this, he didn't played his role as an expert : he relied on sources who misinterpreted raw information.
    • For what it's worth, Schneier did notice something that makes sense, even if you're neither a security expert nor a geo-strategist:

      Read the whole story; there aren't really any facts in it.

      Enough said.

    • "Honestly, I am much more worried about random errors and undirected worms in the computers running our infrastructure than I am about the Chinese military. I am much more worried about criminal hackers than I am about government hackers."

      That's pretty damn shortsighted on his part, then. We should be worrying about criminal mischief, but it's simply stupid to ignore national security implications of things like infrastructure. If another major war between peer nations comes, it won't just be ordinance bein

    • by Mr 44 (180750)

      Schneier is a cryptography expert, but on his new, broader security (not even just computer security) focus, I don't see any evidence for him to hold a title above "pundit".

  • They're just a developing country. (http://www.telecomasia.net/article.php?id_article=8986)
  • Can someone please hack my power grid and coffee machine and tell it to start making coffee, in one hour, so it's done when i'm home?
    Thanks.
    • Roger that. I set your coffee machine to start brewing your coffee in about three minutes, but I also took the liberty of making a couple of tweaks to the internal thermostat, just to make sure it's good and hot when you get home. You've got insurance in case something goes awry, right?
      • by SalaSSin (1414849)
        Sure, go ahead, i just finished emptying my apartment. Finally a way to get the money of the insurance and keep my stuff. Thanks dude ;-)
        • by eleuthero (812560)
          Sadly, as your insurance agent, I've been keeping track of any potentially damaging connections coming out of the apartment and noted the vulnerability in your grid some time ago. palegray's physical location has also been tracked and recorded. Now, if you'd just give me your forwarding address, I can have the... insurance "cancellation" form... sent to you.
  • The proof is in it. Whoever is making claims that Chinese/Russian gov't is involved should show it to us, otherwise this is FUD. They don't have to name names of spies, etc but they need to give us more then "we know it's china/russia".
  • by Anonymous Coward on Tuesday April 14, 2009 @09:24AM (#27569267)

    Well I happen to work for a government agency, and a very disproportionately large number of the attacks we see on a daily basis are coming from China. Whether or not these are state sponsored, I don't know, but the Chinese government certainly isn't making any real effort to hold these "useful idiots" at bay. You would of course expect more because they are more populous but it really is disproportionate, more like 8x-10x the amount of attacks seen from other wired countries per capita. At what point does a country become responsible for the traffic that leaves its borders? Especially one with border firewalls? I'm on board with the information warfare theory. I see it every day...I'm in favor of holding them responsible.

    • Ahem. PACKETS.

      packets from China

    • by antv (1425)

      Define "them". China is a country with a large number of pirated (and therefore unpatched) Windows installations. Many of those machines are part of spam botnets and so on. You have no way of knowing who is controlling those machines. If those people could hack into US govt computers, it's pretty damn likely they could hack into Chinese govt computers too, and use those as a relay. The probability of Chinese govt being incompetent in this case is way much higher than the probability of them being both techn

    • by Renraku (518261)

      They could seriously reduce the amount of hack attempts from their country if they wanted to, but they have no incentive to do so. Worst case scenario currently is a Chinese hacker hacks something big and causes a lot of upset/damage, and China makes an official apology while laughing their asses off. It certainly would be an act of war for a small band of Chinese special forces to take out some substations, why is not an act of war for a small band of Chinese hackers to take them out from the comfort of

  • But... (Score:2, Funny)

    by jar240 (760653)
    Didn't Jack Bauer take care of this two seasons ago?
  • Common sense (Score:3, Insightful)

    by dword (735428) on Tuesday April 14, 2009 @09:29AM (#27569357)
    This is like "duuuuh!", like you know...
    It's like I can't see why China would like, you know, PUBLICLY ADMIT LIKE THEY'RE FUCKING WITH THE U.S.

    This is not news at all. Thank you.
    • Re: (Score:3, Interesting)

      by Jaysyn (203771)

      A few years ago China grounded one of our "spy" planes & sent it home in crates.

      A few weeks ago China ran one of our naval vessels out of international waters.

      I don't know about admission, but if they aren't too worried about publicly screwing with us in meatspace, I really don't think they'd be worried about it in cyberspace.

      • by microbee (682094)

        Actually, it was the US who publicized the "conflict" in the international waters, not the China. Looks like an intentional leak from the Pentagon to pressure the new president.

  • and an audience which believes this

    is worth also the FUD which tells them that their power grid is under Internet attack

    being an electrical engineer and having an electrical power engineer as father - he said: BULLSH?T

  • FUD (Score:4, Insightful)

    by omar.sahal (687649) on Tuesday April 14, 2009 @09:59AM (#27569789) Homepage Journal

    "intrusions were detected not by the companies in charge of the infrastructure"

    but

    "U.S. intelligence agencies"

    Officials cautioned that the motivation of the cyberspies wasn't well understood
    Officials are the ones making the accusations

    China, for example, has little incentive to disrupt the U.S. economy because it relies on American consumers and holds U.S. government debt.

    A spokesman for the Chinese Embassy in Washington, Wang Baodong said..

    "some people overseas with Cold War mentality are indulged in fabricating the sheer lies of the so-called cyberspies in China."

    As Bruce Schneier said which one of these power outages [wikipedia.org] is by hackers
    I just hope this isn't some cover for the US to do what their accusing others of, why else this line below...

    Congress approved $17 billion in secret funds to protect government networks

  • It is worth looking at Bruce Schneier' view of this: http://www.schneier.com/blog/archives/2009/04/us_power_grid_h.html [schneier.com] The point being that there are no control/SCADA systems on the grid which are also connected to the internet.
  • Bargaining Chip (Score:4, Interesting)

    by kenp2002 (545495) on Tuesday April 14, 2009 @10:08AM (#27569929) Homepage Journal

    Modern day espionage as far as I can see it is bargaining chip, much like nuclear weapons. It's about what leverage you have. It's not so much the use of it, but rather a demonstration of what can be done.

    We now are now entering the age of Digital Mutually Assured Destruction and Economic Mutually Assured Destruction. For you wee tikes out there that was what kept the USA and Soviet Union (hell do the kids even know what a soviet is anymore?) from turning the world into the game Fallout 3...

    N-MAD and now D-MAD and E-MAD.

  • or does it sound like someone has been watching too much 24. (Sends in Jack Bauer to investigate.)
  • Pakistan denies role in terrorist attacks in India

  • In America, you claim your electrical grid was hacked. Because from Soviet China, grid hacks you!

  • It was employees looking at bad animal porn sites.

"The value of marriage is not that adults produce children, but that children produce adults." -- Peter De Vries

Working...