Feeds

Disgruntled techie attempts Californian power blackout

Counter-terror feds swoop after data centre sabotage

Internet Security Threat Report 2014

A cheesed-off American IT worker was seized by an FBI Joint Terrorism Task Force on Wednesday for attacking the Californian electric power grid.

Lonnie Charles Denison, of Sacramento, allegedly meddled with computers at the California Independent System Operator (ISO) agency. He is also accused of making a malicious bomb threat against the organisation. ISO controls the state's power transmission lines and runs its energy trading markets.

According to the feds, Denison became upset last week after a dispute with his employer, Science Applications International. Science Applications provides IT services to ISO.

Denison first attempted a remote attack against the ISO data centre on Sunday, but this was unsuccessful. He then reverted to simpler means, and entered the facility physically using his security card key late on Sunday night. Once inside, he smashed the glass plate covering an emergency power cut-off, shutting down much of the data centre through the early hours of Monday morning. This denied ISO access to the energy trading market, but didn't affect the transmission grid directly. Nor did his emailed bomb threat, delivered later on Monday, though it did lead to the ISO offices being evacuated and control passed to a different facility.

However, the feds reckon that if Denison had carried out his data-centre attack during normal business hours, "electric consumers in the Western United States would have experienced disruptions in their electrical supply". After arresting Denison they slapped him with a felony rap, destruction of an energy facility. The disgruntled techie, if found guilty, could be looking at the wrong end of a maximum five-year stretch, or perhaps a $5,000 fine.

This case could be another sign that America's terrorist threats can come from within as well as from beyond its borders. Denison is the second American IT worker to appear before federal beaks in recent days for sabotaging key US computers, joining Richard F Sylvestre.

Sylvestre's vandalism could have resulted in a nuclear-submarine collision and landed him in the jug for a decade, but in the end he got sent away for just 12 to 18 months. Denison could get off relatively lightly too, if he receives similar treatment.

It'll be interesting to compare the two Americans' cases with that of Gary McKinnon, the UFO-fancying Scottish hacker currently being extradited by the US to face trial for a string of computer intrusions some years ago. He doesn't seem to have threatened any power blackouts or sub wrecks, though he is accused of causing $700k-worth of damage to various US-government systems. America has hinted that he won't be treated as a terrorist, however.

Based on Sylvestre's short sentence and Denison's worst-case five years, McKinnon might not be compelled to enjoy the feds' hospitality for all that long a time – assuming that US justice is consistent. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.