Ultimate fear: China breached U.S. dam database to use as a roadmap for cyberattack
Accidentally leaked credentials; Unauthorized use of user privileges; User accounts compromised
An unauthorized user gained access to an Army database of U.S. dams that “categorizes U.S. dams by the number of people that would be killed if a dam fails.”
The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams has raised concerns that China is preparing to conduct a future cyberattack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams.
According to unnamed U.S. officials, the Corps of Engineers’ National Inventory of Dams was hacked by an unauthorized user believed to be from China.
The database contains information on vulnerabilities of every major dam in the United States. There are around 8,100 such dams.
A Corps of Engineers spokesman confirmed the cyber incident but declined to corroborate details: “The U.S. Army Corps of Engineers is aware that access to the National Inventory of Dams (NID), to include sensitive fields of information not generally available to the public, was given to an unauthorized individual in January 2013 who was subsequently determined to not to have proper level of access for the information,” Pierce said in a statement.
“[U.S. Army Corps of Engineers] immediately revoked this user’s access to the database upon learning that the individual was not, in fact, authorized full access to the NID,” he said.
Government (U.S.); Other Critical Infrastructure
May 1, 2013
Washington Free Beacon
Link to report
location of breach
location of perpetrators
date breach occurred
date breach detected