By Lewis Page
20th April 2007
A cheesed-off American IT worker was seized by an FBI Joint Terrorism
Task Force on Wednesday for attacking the Californian electric power
Lonnie Charles Denison, of Sacramento, allegedly meddled with computers
at the California Independent System Operator (ISO) agency. He is also
accused of making a malicious bomb threat against the organisation. ISO
controls the state's power transmission lines and runs its energy
According to the feds, Denison became upset last week after a dispute
with his employer, Science Applications International. Science
Applications provides IT services to ISO.
Denison first attempted a remote attack against the ISO data centre on
Sunday, but this was unsuccessful. He then reverted to simpler means,
and entered the facility physically using his security card key late on
Sunday night. Once inside, he smashed the glass plate covering an
emergency power cut-off, shutting down much of the data centre through
the early hours of Monday morning. This denied ISO access to the energy
trading market, but didn't affect the transmission grid directly. Nor
did his emailed bomb threat, delivered later on Monday, though it did
lead to the ISO offices being evacuated and control passed to a
However, the feds reckon that if Denison had carried out his data-centre
attack during normal business hours, "electric consumers in the Western
United States would have experienced disruptions in their electrical
supply". After arresting Denison they slapped him with a felony rap,
destruction of an energy facility. The disgruntled techie, if found
guilty, could be looking at the wrong end of a maximum five-year
stretch, or perhaps a $5,000 fine.
This case could be another sign that America's terrorist threats can
come from within as well as from beyond its borders. Denison is the
second American IT worker to appear before federal beaks in recent days
for sabotaging key US computers, joining Richard F Sylvestre.
Sylvestre's vandalism could have resulted in a nuclear-submarine
collision and landed him in the jug for a decade, but in the end he got
sent away for just 12 to 18 months. Denison could get off relatively
lightly too, if he receives similar treatment.
It'll be interesting to compare the two Americans' cases with that of
Gary McKinnon, the UFO-fancying Scottish hacker currently being
extradited by the US to face trial for a string of computer intrusions
some years ago. He doesn't seem to have threatened any power blackouts
or sub wrecks, though he is accused of causing $700k-worth of damage to
various US-government systems. America has hinted that he won't be
treated as a terrorist, however.
Based on Sylvestre's short sentence and Denison's worst-case five years,
McKinnon might not be compelled to enjoy the feds' hospitality for all
that long a time assuming that US justice is consistent.
Subscribe to InfoSec News