UPDATE: added FBI press release
From the LA Times:
Terrorism investigators are examining computer tampering and a bomb threat Monday that led to a lengthy evacuation of the headquarters of an agency that controls most of California’s electric transmission system.
The incident at the California Independent System Operator in Folsom followed the apparent midnight tampering with computer programs used to buy and sell power on the real-time market.
“I can confirm we are investigating this computer tampering and bomb incident,” said FBI spokeswoman Karen Ernst. She said the Sacramento Joint Terrorism Task Force has a lead on a suspect and believes that the two events may be linked. She declined to elaborate.
Neither of the incidents affected the operation of the state’s electrical grid, said Cal-ISO spokeswoman Stephanie McCorkle. Control of the network was transferred from Folsom to Cal-ISO’s Southern California operations center in Alhambra after the headquarters’ evacuation, she said.
About 500 Cal-ISO employees left the Folsom building at noon and did not return to their posts at the close of business, McCorkle said.
Two people with knowledge of Cal-ISO operations said the suspect in the computer tampering was a disgruntled employee of a Cal-ISO contractor.
And here is some more from KCRA Channel 3
Now this begs a few questions. First what sort of code review practices are in place at Cal ISO? For that matter what do most organizations do to ensure their code has not been compromised? We recently saw a similar problem when a US Navy contractor placed a logic bomb in software designed to support Navy subs. Do folks out there leverage the services of firms such as Veracode?
As well, do organizations out there regularly practice bomb threat evacuations? We love to hear people weigh in on this topic. Emails, as always, are great but, we would encourage you to leave a comment on the site.
[tags]SCADA, SCADA Security, Insider Threat, Bomb Threat, Code Review, Terrorism[/tags]
