The CIA has said that a cyberattack caused a power blackout in multiple cities in a country outside the US. Security training body the Sans Institute reported the CIA's disclosure on Friday.
CIA senior analyst Tom Donahue told a Sans Institute conference in New Orleans on Wednesday that the CIA had evidence of successful cyberattacks against various countries' critical national infrastructures.
"We have information that cyberattacks have been used to disrupt power equipment in several regions outside the US," said Donahue. "In at least one case, the disruption caused a power outage affecting multiple cities."
Donahue added that the CIA does not know who executed the attacks or why, but that all of the attacks involved "intrusions through the internet".
The CIA analyst added that his organisation had evidence of blackmail demands following demonstrations of successful intrusions.
"We have information, from multiple regions outside the US, of cyber-intrusions into utilities, followed by extortion demands," said Donahue. "We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge."
The CIA does not normally make this information public. According to Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure, the Sans Institute reported.
Alan Paller, director of research at the Sans Institute, warned over three years ago about demonstrations of denial of service to computer systems, followed by demands for cash.