Brazil To "60 Minutes": It Wasn't A Hacker

Brazilian officials are disputing the claim by "60 Minutes" and others that a blackout in 2007 was caused by computer hackers. Wired magazine's blog Threat Level, citing government and investigative sources, reports that the outage "was actually the result of a utility company's negligent maintenance of high voltage insulators on two transmission lines." Insulators hang from power lines and are prone to collect debris, which can cause power surges. In this case, officials say soot from nearby fires collected on the insulators.

Threat Level, which has long been skeptical of some of the more extraordinary claims by U.S. officials about cyber threats to critical infrastructure, spoke to the utility company involved in the blackout and got a denial of any hacker involvement. The company "has no knowledge of hackers acting in [the] power transmission system," TL reported.

News of the "60 Minutes" piece hit the wires on Saturday, and over the weekend, Brazilian government officials started batting down the story. A senior homeland security official in Brazil told newspaper Folha de S. Paulo that he had investigated the allegations of a hacker causing the blackout and found no traces.

The official told the newspaper that "there is always the possibility" that a hacker could take over a power substation, but because the companies affected didn't have their systems directly connected to the Internet, it would have been very difficult for a hacker to penetrate their internal network.

However, the same official, in an earlier interview, confirmed that a hacker based in an Eastern European country accessed a server connected to a Brazilian ministry in 2008. The intruder locked officials out by changing the password, and then demanded $350 million to release the system. No one paid the ransom, the official said.

According to the Brazilian press, the power company denied any knowledge of hackers in their system in 2007, and national power authorities attributed the blackout to a "weather phenomenon" and pollution buildup on the insulators. Brazil's electrical regulatory agency ended up fining the power company $3.27 million, Threat Level reported.

TL actually beat "60 Minutes" with the news that security experts think computer hacking caused the Brazilian blackouts. In an interview, former White House cyber security chief Richard Clarke said, "We can look forward to the kind of things happening here that happened to Brazil, where hackers successfully brought down the power." The TL reporter noted that "Clarke is referring to veiled reports made last year by the CIA's chief cybersecurity officer, Tom Donahue, that extortionists had taken down the power grid in multiple regions outside the United States. The location of those outages has never been publicly identified."

In an email sent to me yesterday, TL's Ryan Singel criticized "60 Minutes" and other media for not reporting the Brazilian government's non-cyber explanation for the blackout. I asked the reporter who interviewed Clarke whether she had followed up on his claims when he made them. I still haven't received a response, but I'll update that here if I do. The piece ran on October 28.

The "60 Minutes" piece featured extensive quotes from Jim Lewis at the Center for Strategic and International Studies, which produced a lengthy report on cyber security for the Obama administration. I asked Lewis what he thought of the Brazilian claims. "I can see why the Brazilians would deny this," he said. "Their government may not even know. But this happened whether they admit [it] or not."

Lewis and Clarke aren't the only ones to attribute the blackout to cyber hackers. In 2007, a senior Defense Department official also said in a little noticed speech, "Not long ago there was an attack on Brazil's power grid, the SCADA network, which caused major disruptions." SCADA, which stands for supervisory control and data acquisition, refers to the devices that control electricity generation systems.