SAN FRANCISCO — More than half of the operators of power plants and other "critical infrastructure" say in a new study that their computer networks have been infiltrated by sophisticated adversaries. In many cases, foreign governments are suspected.
The findings came in a survey released Thursday that offered a rare public look at the damage computer criminals can do to vital institutions such as power grids, water and sewage systems and oil and gas companies. Manipulating the computer systems can cause power outages, floods, sewage spills and oil leaks.
The report was based on a survey completed by 600 executives and technology managers from infrastructure operators in 14 countries. The report was prepared by McAfee Inc., which makes security software, and the Center for Strategic and International Studies in Washington, which analyzed the data and conducted additional interviews. The respondents aren't named and specifics aren't given about what happened in the attacks.
The report comes as concerns are growing about state-sponsored hacking and threats to critical infrastructure.
In November, CBS's "60 Minutes" reported that several Brazilian power outages were caused by hackers — a report |that Brazilian officials have played down. Last April, U.S. government officials said that spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service. The intrusions were discovered after electric companies gave the government permission to audit their systems.
In the new report, 54 percent of respondents acknowledged that they had been hit by "stealthy infiltration" of their networks. In such break-ins, criminals can plant malicious software to steal files, spy on e-mails and do even scarier things like remotely controlling equipment.
Utilities are increasingly using mainstream software and connecting parts of their operations to the Internet so technicians can service problems remotely. Both factors heighten the danger of a hacker break-in.
Perhaps even more alarming: Many intruders have apparently done something harmful with the access they've stolen. Operators who had experienced denial-of-service attacks often said the incidents had at least some effect, from minor service interruptions to sustained damage and critical breakdowns.