April 18, 2014

China suspected to be behind U.S. Army Corps of Engineers database hack

dam(LiveHacking.Com) – U.S. intelligence agencies are treating a recent cyber attack and subsequent intrusion into a database belonging to the U.S. Army Corps of Engineers as a cyber attack from China. According to the Free Beacon, U.S. intelligence agencies have traced the hack to the Chinese government or military cyber warriors.

The compromised database belonged to the U.S. Army Corps of Engineers and held data about dams. The National Inventory of Dams (NID) contains information on possible vulnerabilities of some 8,000 dams across the United States. In a worst case scenario the attack is a preemptive move by China in preparation for future cyber attacks against the nations electrical infrastructure.

“The U.S. Army Corps of Engineers is aware that access to the National Inventory of Dams (NID), to include sensitive fields of information not generally available to the public, was given to an unauthorized individual in January 2013 who was subsequently determined to not to have proper level of access for the information,” said Pete Pierce, a Corps of Engineers spokesman.

Upon discovering the unauthorized access the Corps of Engineers revoked the user’s access to the database.

The database collects information about dams which are either large (those that exceed 25 feet in height or exceed 50 acre-feet storage) and those that have a hazard classification because of the loss of human life that would result if the dam failed. The database was started in 1972 when laws came into effect that required cooperation between the Corps and the Federal Emergency Management Agency. These laws were updated in 2002 and 2006 to recognize that dams are part of critical U.S. infrastructure and require protection.

In January, a report published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), part of the Department of Homeland Security’s Office of Cybersecurity and Communications, revealed that the last three months of 2012 saw at least two instances of malware infecting computers inside power generation facilities.