http://www.wired.com/threatlevel/2009/05/efh/ By Kevin Poulsen Threat Level Wired.com May 29, 2009 The FBI is investigating a computer intrusion at a large Texas power company that crippled the firm’s energy forecast system for a day in March, costing it over $26,000. Early Thursday morning FBI agents raided the home of a former employee of Dallas-based Energy Future Holdings — the corporate parent of three large Texas electric companies, including Luminent, which has over 18,300 megawatts of generation in Texas, and operates the Comanche Peak nuclear power plant. The ex-employee, Dong Chul Shin, was fired from the company March 3 for performance reasons, and escorted off the premises, according to court records. But the company failed to immediately shut off his VPN access. That afternoon, someone using Shin’s account began logging onto the corporate network, e-mailing out proprietary data to a personal Yahoo account linked to Shin, and modifying and deleting files, according to a search warrant affidavit by Dallas FBI agent Robert Smith. comanche-peak1 Company logs showed that the VPN connection originated at Shin’s home IP address, Smith writes. While logged into the VPN, the intruder sent an e-mail to the engineering group operating the Comanche Peak nuclear reactor. The message asked questions about the safety of the reactor, in particular wondering what would happen if the load were to be “increased to 99.7 percent of capacity.” While at EFH, Smith notes, “Shin was responsible for programming the models which controlled the management of EFH power generation facilities, including Comanche Peak.” [...] _____________________________________________ Visit the InfoSec News security bookstore! http://www.shopinfosecnews.orgReceived on Mon Jun 01 2009 - 01:05:25 PDT
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 01:16:22 PDT