“CNN has learned from sources familiar with the experiment…”
Don’t you just love articles starting off like that. That means some creep in government got the reporter to sign an NDA in order to get the “story”.
Researchers who launched an experimental cyber attack caused a generator to self-destruct, alarming the federal government and electrical industry about what might happen if such an attack were carried out on a larger scale, CNN has learned.
Here’s the same nameless sources again:
Department of Homeland Security video shows a generator spewing smoke after a staged experiment. Sources familiar with the experiment said the same attack scenario could be used against huge generators that produce the country’s electric power.
I’m not going to repeat all the stupidity in the article. Just quote the only relevant paragraphs – which anyone coming to this site already knows:
“Several conditions have to be in place. … You first have to gain access to that individual control system. [It] has to be a control system that is vulnerable to this type of attack.”
“You have to have overcome or have not enacted basic security protocols that are inherent on many of those systems. And you have to have some basic understanding of what you’re doing. How the control system works and what, how the equipment works in order to do damage.
You can tell there’s an election in the offing. We’re supposed to be living in a state of perpetual fear.
Yeah, that would be a danger, if no one at the power company is paying ANY attention to their jobs…wait… Dang, we’re screwed!
Can the ‘same scenario’ be used against the ‘management’ in such cases as Enron? I mean, clouds of smoke etc – or is the presence of clouds of smoke a sign that something is being covered up, obscured, or being introduced as an excuse for some other intention?
I believe that all politicians are honest.
But then, I also believe in Father Christmas, Fairies, and weapons of mass destruction in the Arabic deserts (Yes, I am a drinking man)
Just a thought!
Wow, the microsoft hating blog’o’sphere strikes again. These systems are run on PC’s with simple computer controled relay systems in place. Get on the system, shut down the dynamos cooling systems and voila, you have smoking self destructing generators.
“Fixed fortifications are monuments to man’s stupidity,”
This more than anything is yet another reason to get big business out of power generation and turn it over to cottage industry. Small wind, solar, hydro and biofuel. Without big power plants to attack, the bad guys go after something else.
We’re back to one of the modes of Amerikan politics where Conservatives join with neocon-artists. Fear is good!
It doesn’t matter whether a lie initiates with a nutball like Rush or Bill – or the campaign manager for some fence-straddler. Comment from leading Liberals will go no further than – “We can do a better job of protecting our nation’s kilowatts!” Instead of confronting the deceit.
And the Talking Heads don’t have the courage to challenge anything more controversial than Twinkies.
live in fear, its what the gov wants.
I call this Job Creation.
The electrical grid computers are isolated from the outside world, meaning, it has to be an inside job.
So an employee that gets PO’d because someone told him he can’t tell the difference between an SD signal or true HD signal on his brand new 1080p Hi-Def TV, and decides to take out his frustration on transformers, then ya, *up in smoke*
[It] has to be a control system that is vulnerable to this type of attack.”
That screams Windows to me.
Couldn’t the same analysis be used with Nuclear Power Plants, in that someone can use a computer to override safeties, and cause a slightly larger puff of smoke?
IOW – like Battlestar Galitica (new series) no networked computers, making impossible for a single terminal/computer to take down a whole system.
Sigh, nothing frightens me anymore.
Is there any chance hackers can start setting off nuclear weapons whenever they feel like it? That might get my attention but otherwise, I’m just too worn out being scared to be scared of anything less than nukes being protected by a Micro$oft Windows operating system.
what a load of crap -“un-named sources”
seems like they have to leak this crap out every few months
to make sure a group of lemmings somewhere cowers in fear, ready and willing to give up some more of their freedoms and vote in the guy who yells “i’m tough on terror” the loudest.
no matter what the Gov does, if some crackpot wants to make trouble, he will. -so stop with the fear mongering
and decimation of the constitution and focus on tangible
issues. -not this “vapor terrorism”
-s
“Fishy”?
Your meter really IS broken. No ratings in recorded history other than “fishy”, it seems to me. Huh.
Researchers who launched an experimental cyber attack caused a generator to self-destruct
Its true! Its true! If you read the API for all generators, regardless of size or make, they include a little known call: selfDescruct($time, $reason); …. as long as $reason matches something recoginized in the generator’s positronic brain, it will blow itself up…. they are fairly easy to network as well, they use a little known networking protocol and media (H20/IP) that uses the moisture in the air and eighty two point three and a half bit addressing.
However, the reasons to actually make them blow themselves up are often quite obscure and it can be hard to convince the generators that its worth doing. There are rumours that “we’ve run out of cigarettes; all hope is lost” will work, but I haven’t tested it (my version of windows doesn’t support 82.3 1/2 bit addressing…. I am told that Vista II will support this though….)
Maybe if they used Macs instead of PCs since already they are wasting their money on overpriced low quality products.
LOL, some of you see Bush’s evil shadow everywhere. From the article:
“Computer experts have long warned of the vulnerability of cyber attacks, and many say the government is not devoting enough money or attention to the matter.”
Ah, it’s all about money! So who is pushing for it?
“‘We need to get on it, and get on it quickly,’ said former CIA Director James Woolsey on Tuesday.”
So, we either believe a former CIA Director under Clinton has now joined the Bush “conspiracy” or, perhaps, it’s nothing more than another company trying to suckle on the tax-payers’ tit.
I thought this was another article on how vulnerable our power infrastructure is because of antiquated SCADA systems.
More fear mongering brought to you by the fine, fine folks at the white house. Keeping you living in fear since 2001!
#15 – you stuffed up the link. You put a “/” after SCADA, and it doesn’t like to the Wiki-whatever article you wanted.
I don’t live in fear, I live in rage. I fart in the general direction of anything government related.
and they want to have the internet over power lines for what reason again?
This is soooooooooooo much hard work. Everyone knows all you have to do to shut down the entire eastern grid and blow up generators in the process is to get 5 of your neighbors to turn all of their electrical applience’s then come over to your house to watch a must see football game…..just as the home team is about to make the play of the century the power will surge, causing a cascading effect from Canada to Miami, New Brunswick, Me. to St. Louis destroying every switching center in the system. Viola!!!!!
Take them weeks to get power back up in just 1 city.
#20,
A few years ago I was in the August 2003 power outage. It was just over a week to get us back up. As far as I know, I was in one of the worst affected areas.
Considering that was caused by a tree falling on a power line, I suspect that if some group wanted to cause a similar incident, and they had an electrical engineer, and a little bit of inteligence, they could take out large swaths of the american power system without ever getting close to a power plant. Seems like half a dozen guys trucks and chain saws could do it at that point.
Can I mention something strange about power systems and transformers.
WE have a system that is built on 2 concepts.
1. THIS is the LEAST amount of power they need.
2. this is the MAX power they need.
Under this idea…Its just as easy to Blow up transformers and generators, by shutting OFF power.
example: IF I could get 50-70% of those being supplied power in 1 area to TURN everything OFF(just shut off the Main breaker)..It wouldnt be long before the system would over charge and breakers would go off and shut down the Whole thing.
NOW the fun part is that our WHOLE system is serial based. If so much power is going from THIS generator to THIS transformer, AND that generator dont Curb back the power being sent…IT goes POOF.
The system we have is Stupid. And ISNT like they show on TV…It does NOT automatically do MUCH to protect itself..ALL it has is breakers and Fuse protections. It cant redirect Power IF a section goes down.
Thats proven with the grid on the east coast. If 1 section goes down, it can take out 1/2 the state because the system CANT send power AWAY from a Bad section.
21. “Considering that was caused by a tree falling on a power line”
So, you fell for that one did’ja?
What a load of nonsense. No one’s going to be able to hack into hundreds of PLCs across the country and screw them up simultaneously. For one thing, they’re not simply hooked into the Internet. And it’s not like they are generic PC’s; there’s a huge diversity of PLCs out there, and they’re all proprietary designs. The diversity alone is a big security feature.
You could perhaps disrupt a significant chunk the power grid by blowing up a well-chosen set of transmission towers, on a day of very high power demand (e.g. during a heat wave). Heck, that sort of thing has happened by accident! It’s a much more credible threat than this tripe. This is nothing but deliberate scaremongering, pure and simple. Be scared! Vote Republican!
“…they have the same training, the same passwords…” Well, duh, under those conditions you can bring most anything down. Gimme a break.
I completely believe this story. I perform these type of tests for many power companies. I have never failed to access and control SCADA. Until you perform one of these tests, you would have a hard time believing it. Yes, allot of these systems are on the Internet, sometimes they are connected to Modems. I had one job where a power generator controller was connected to PCAnywhere with no password authentication. I had the ability to click on the button that said “Power Down”! It is as bad and usually worse than you hear and read about.
24,
Ummm..
I dont need the internet…
Take a Long Wire, weight it on the ends, and Throw it up…
If nothing else, Use the TIMBER method, and Knock a few posts down..At the main relays, or main transfer station..
This is truly a bunch of fear mongering by everyone involved, White House, DHS, power companies and news organizations. In the videos they talk about “previously classified footage” (The same “source” said the video was marked “For Official Use Only”, a restriction, not a classification, CNN), “little understood controls” (I can’t find the original source) and ” controlled hacking into a replica of a power plant’s control system” (again, CNN).
If the video were truly classified, it would not have been released with official commentary. If the control electronics were truly “little understood” then why the hell (not to mention HOW) are we using them.
Finally, how hard is it to remove the governor from a motor, hook it up to a “control” device that doesn’t really control it, then sit someone (who presumably built the system) and tell them to destroy it?
When I was in elementary school we used to build “buildings” out of dominos then shake the hell out of the table to see what damage an “earthquake” would cause to our home town. This as about as much credibility as we had back then.
If I wnated to take out the grid I’d knock down a lot of pylons carrying the cables.
Unprotected, hard to replace quickly and easy to demolish.
Don’t tell anyone I said so.
#27 & 30 have a better idea of how to take down the power grid.
If anyone thinks the generator control computers are accessible from outside the plant, they are sadly mistaken. What is interconnected, and not through the internet, are the output computers where a regional controller may shut down a grid in order to protect the system.
It’s been a few years but that is the way it used to be. I doubt there is any over riding reason to change that.