CIA senior analyst Tom Donahue told an international Sans Instituteprocess control security conference last week that the agency had evidence from outside the US that hackers were blackmailing victims.
"We have information, from multiple regions outside the US, of cyber intrusions into utilities, followed by extortion demands," he told 300 officials, engineers and security managers from electric, water, oil & gas and other critical industry operators from the US, UK, Sweden, and the Netherlands.
"We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge," he said. "We have information that cyber attacks have been used to disrupt power equipment in several regions outside the US. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the internet."
In December the UK's Centre for the Protection of National Infrastructure wrote to 300 UK firms warning of hack attacks by "Chinese state organisations".
The UK and US authorities have developed checklists for any firm that believes it might be a target. For more information on the US's SCADA and Control Systems Survival Kit e-mail [email protected] The CPNI's advice was updated last week.