Cyber-attacks rising in Utah, likely due to NSA facility (Update)

February 6, 2015 byBrady Mccombs

(AP)—Utah state officials have seen what they describe as a sharp uptick in attempts to hack into state computers in the last two years, and they think it related to the NSA data center south of Salt Lake City.

The increase began in early 2013 as international attention focused on the NSA's $1.7 billion warehouse to store massive amounts of information gathered secretly from phone calls and emails.

"In the cyber world, that's a big deal," Utah Public Safety Commissioner Keith Squires told a state legislative committee this week.

While most of the attempts are likely innocuous, cyber experts say it is possible low-level hackers, "hactivists" unhappy with the NSA's tactics, and some foreign criminal groups might erroneously think the state systems are linked to the NSA.

"Maybe these hackers are thinking: 'If we can attack state systems, we can get info that NSA isn't releasing," said Richard Forno, director of the University of Maryland, Baltimore County's, graduate cybersecurity program.

The state tracks the attempts with an automated system it purchased after a breach of health care information in 2012. The system detects, stops and counts the attempts to get into the computers, Squires said.

With that new equipment in place in January 2013, the state was seeing an average of 50,000 a day with spikes up to 20 million, Squires told The Associated Press. In February 2013, the number rose to an average of 75 million attacks a day, with up to 500 million on some days.

Attacks include direct attacks on websites, emails fishing for passwords, and something called "port scans," where people probe a computer looking for weak spots.

The NSA didn't immediately have any comment about the attacks.

Tim Junio, a cybersecurity researcher at Stanford University, said what officials refer to as "attacks" are likely just "noise from low-tech people rather than concerted efforts for meaningful foreign intelligence collection."

But both Forno and Junio agree the NSA data center could draw the attention of hackers who think they can target state-run utilities that power the center. Being able to disrupt an NSA operation in any way would bring international notoriety to a foreign state or criminal group, Junio said.

State officials acknowledge that part of the increase is driven by an overall rise in hacking across the country. Hackers' motivations vary, and it was impossible to determine what might be behind the activity in Utah.

Some steal personal information, like customer lists, to commit identity theft. Some take control of email servers to steal messages, send unwanted advertising or disguise the origin of their communications. Some steal corporate or government secrets from email or cloud servers, or use unlocked file servers as digital "dead drops" for their hacking tools, pirated movies, stolen files and more.

For hackers seeking notoriety, the NSA would be a prized target because it employs the world's best hackers and routinely gives advice about how to keep computers safe from online criminals.

Explore further: NSA data center runs into electrical problems

Related Stories

NSA data center runs into electrical problems

October 8, 2013

The Army Corps of Engineers says it has found electrical problems at the National Security Agency's $1.7 billion data center that could delay the new facility's long-awaited opening this fall in Utah.

Some in NSA warned of a backlash

November 20, 2014

Current and former intelligence officials say dissenters within the National Security Agency warned in 2009 that secretly collecting American phone records wasn't providing enough intelligence to justify the backlash it would ...

US state home to new mega-warehouse for data

June 13, 2013

The new billion-dollar epicenter for fighting global cyberthreats sits just south of Salt Lake City, tucked away on a militia base at the foot of snow-capped mountains. The long, squat buildings are filled with super-powered ...

US penetrated N. Korea computer systems in 2010: report

January 19, 2015

The United States secretly penetrated North Korea's computer systems four years ago—a breach that allowed Washington to insist Pyongyang was to blame for the recent cyberattack on Sony Pictures, the New York Times reported ...

Report: NSA uses radio waves to map pathway into computers

January 15, 2014

The National Security Agency has implanted software in nearly 100,000 computers around the world—but not in the United States—that allows the U.S. to conduct surveillance on those machines, The New York Times reported ...

NSA director: US needs Silicon Valley's expertise

November 4, 2014

U.S. intelligence depends on Silicon Valley innovation for technologies that strengthen the Internet and staff to provide national cybersecurity, National Security Agency director Mike Rogers told Stanford University professors ...

Recommended for you

Can people learn to embrace risk?

March 18, 2019

Studies have shown women are more risk-averse than men, more likely to opt for the smaller sure thing than gamble on an all-or-nothing proposition, a trait experts say could help to explain the persistent wage gap between ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Feb 07, 2015
Nothing like a hearty dose of attacks to help ensure your defenses are in tip-top shape.

I'd be surprised if the NSA facility didn't include a wealth of contingency support, like backup generators. Ditto that they would have any great reliance on Utah's connections to the Internet. Shouldn't these same thoughts have occurred to the instigators of the attacks?

Maybe something more subtle, like an attempt to drown out more covert activity with all these noisy attacks.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.