U.S. intelligence agencies traced a recent cyber intrusion into a sensitive infrastructure database to the Chinese government or military cyber warriors, according to U.S. officials.
The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) is raising new concerns that China is preparing to conduct a future cyber attack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams.
According to officials familiar with intelligence reports, the Corps of Engineers’ National Inventory of Dams was hacked by an unauthorized user believed to be from China, in an intrusion that began in January and was uncovered earlier this month.
The database contains sensitive information on vulnerabilities of every major dam in the United States. There are around 8,100 major dams across waterways in the United States.
“The U.S. Army Corps of Engineers is aware that access to the National Inventory of Dams (NID), to include sensitive fields of information not generally available to the public, was given to an unauthorized individual in January 2013 who was subsequently determined to not have proper level of access for the information,” Pierce said in a statement.
“[U.S. Army Corps of Engineers] immediately revoked this user’s access to the database upon learning that the individual was not, in fact, authorized full access to the NID,” he said.
The Corps is continuing to bolster and review security protocols governing access to the database, he added.
The Corps’ dam database portal recently added a statement that said “usernames and passwords have changed to be compliant with recent security policy changes.” The changes were initiated after the hacking incident.
The database categorizes U.S. dams by the number of people that would be killed if a dam fails. They include “significant” and “high” hazard levels.
Michelle Van Cleave, the former National Counterintelligence Executive, a senior counterintelligence policymaker, said the database compromise highlights the danger posed by hackers who are targeting critical U.S. infrastructure for future attacks.
“In the wrong hands, the Army Corps of Engineers’ database could be a cyber attack roadmap for a hostile state or terrorist group to disrupt power grids or target dams in this country,” Van Cleave said in an email.
“You may ask yourself, why would anyone want to do that? You could ask the same question about why anyone would plant IEDs at the Boston Marathon.”
Van Cleave said the intrusion appears to be part of an effort to collect “vulnerability and targeting data” for future cyber or military attacks.
“Alarm bells should be going off because we have next to no national security emergency preparedness planning in place to deal with contingencies like that,” she said.