San Francisco ? Power and energy companies are fast becoming a primary target of computer hackers who have managed to penetrate energy control networks as well as administrative systems, according to government cyberterrorism officials and private security experts.

Experts give a number of potential explanations for the post-Sept. 11 increase in hacker attacks, including industrial espionage and disgruntled consumers, but Ronald Dick, director of the FBI’s cybercrime division, said he is concerned that the United States’ power grid now may be moving into the crosshairs of cyberterrorists.

“The event that I fear most is a physical attack in conjunction with the success of a cyberattack on an infrastructure such as electric power or 911 (emergency telephone system),” Dick said.

77 percent increase

The raft of recent attacks has been confirmed by private computer security companies.

Riptech Inc., an Alexandria, Va., security firm, said that since January, 14 of its 20 energy-industry clients have suffered severe cyberattacks that would have disrupted company networks if they had not been detected immediately. The number of attacks is up 77 percent since last year.

Power and energy companies experienced an average of 1,280 significant attacks each in the last six months far more than companies in any other industry sector according to Riptech’s semiannual client analysis.

“Unequivocally, these nets are vulnerable to cyberattack, and, unequivocally, one outcome could be disruption of power supplies,” said Tim Belcher, Riptech’s chief technology officer.

Last year’s electricity outages in California, the Enron Corp. scandal and the declaration of bankruptcy by Pacific Gas & Electric Co. have revealed an industry that is fragile, high-profile and racked with confusion and administrative chaos.

Experts suspect that the glare of adverse publicity has drawn the attention of not just joy-riding hackers, but also corporate saboteurs and terrorists.

Domestic, foreign attacks

More than 70 percent of the attacks came from North America and Europe, suggesting that traditional hackers are now turning to a fresh and vulnerable victim.

The second most popular hacking target among Riptech clients was financial service companies, a longtime hacker favorite.

But a geographical analysis of Riptech data also shows that small number of attacks 1,260 out of a total of more than 180,000 originated in countries where terrorists groups are known to be concentrated. Hackers in those countries targeted power and energy companies more consistently and aggressively than any other industry.

The most active attacks originated from Kuwait, Egypt and Pakistan countries that have relatively developed computer networks and a growing pool of experienced hackers.

Easy targets

Energy power systems, ironically, have become a choice target because of efforts to modernize them for greater efficiency.

The weak link a group of remote control devices known as Supervisory Control and Data Acquisition systems “have been designed with little or no attention to security,” according to a recent report by the National Research Council, an arm of the National Academy of Sciences.

The systems, which are used to control the flow of oil and water through pipelines, and monitor power grids, were once impervious to hackers because they were completely isolated from other computer systems.

Today, many such systems are connected to the Internet, and therefore more vulnerable to hacking. The FBI also blames the rapid increase in cyberattacks in recent years on the proliferation of hacking software posted online.

Such tools require little computer expertise, are readily available worldwide and are becoming increasingly simple to use. Some are directly applicable to electrical power systems.

“One of the places (hackers) are certainly attacking are those known vulnerabilities,” Dick said. “The rise in the number of incidents reflects the ease with which these tools are utilized.”