Ex-Employee Fingered in Texas Power Company Hack

Ex-Employee Fingered in Texas Power Company Hack
Ex-Employee Fingered in Texas Power Company Hack

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Kevin Poulsen
Threat Level
May 29, 2009 

The FBI is investigating a computer intrusion at a large Texas power 
company that crippled the firm=E2=80=99s energy forecast system for a day in 
March, costing it over $26,000.

Early Thursday morning FBI agents raided the home of a former employee 
of Dallas-based Energy Future Holdings =E2=80=94 the corporate parent of three 
large Texas electric companies, including Luminent, which has over 
18,300 megawatts of generation in Texas, and operates the Comanche Peak 
nuclear power plant.

The ex-employee, Dong Chul Shin, was fired from the company March 3 for 
performance reasons, and escorted off the premises, according to court 
records. But the company failed to immediately shut off his VPN access. 
That afternoon, someone using Shin=E2=80=99s account began logging onto the 
corporate network, e-mailing out proprietary data to a personal Yahoo 
account linked to Shin, and modifying and deleting files, according to a 
search warrant affidavit by Dallas FBI agent Robert Smith. 

Company logs showed that the VPN connection originated at Shin=E2=80=99s home IP 
address, Smith writes.

While logged into the VPN, the intruder sent an e-mail to the 
engineering group operating the Comanche Peak nuclear reactor. The 
message asked questions about the safety of the reactor, in particular 
wondering what would happen if the load were to be =E2=80=9Cincreased to 99=2E7 
percent of capacity.=E2=80=9D While at EFH, Smith notes, =E2=80=9CShin was responsible 
for programming the models which controlled the management of EFH power 
generation facilities, including Comanche Peak.=E2=80=9D


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Visit the InfoSec News security bookstore! 


Site design & layout copyright © 1986-2015 CodeGods