‘Sinister’ Integral Energy virus outbreak a threat to power grid — Cripes!

A virus outbreak is wreaking havoc with Integral Energy’s computer network, forcing it to rebuild all 1000 of its desktop computers before the “particularly sinister” bug spreads to the machines controlling the power grid. A spokesman for Integral Energy, a major energy supplier, confirmed that the company had called in external information security experts to “rebuild all desktop computers to contain and remove the virus”.

The malware had not affected power supplies to customers or business data and was “contained within Integral Energy’s information technology network”, the spokesman said. But Chris Gatford, a security consultant at Hacklabs who has conducted penetration testing on critical infrastructure, said there was often “ineffective segregation” or “more typically none at all” between the IT network and the network that monitors and controls the infrastructure.

Found by Mark.




  1. herdimmunity says:

    It’s going to be a real bummer when the only electricity you’ve got is on the ‘smart’ grid and it goes down.
    The national electricity grids of most countries were built and worked fine with control systems built with valves. This new technology sucks.

  2. ECA says:

    “said there was often “ineffective segregation” or “more typically none at all” between the IT network and the network that monitors and controls the infrastructure.”

    So what’s the problem?

    #1 rule..
    DON’T run OTHER programs on CRITICAL computers.

    IMHO..
    Running the network of power sources and cutting out the HELPERS/HUMANS is a bad thing.
    A human can look at something and TELL you if there WILL BE a problem..NOT after it has happened.

    This system is to allow the POWER companies (not the Maker/creators of the power) to Easily distribute power to those that PAY FOR IT. Which means that YOUR electric company PAID more to get you the power. They also FIRED a couple thousand people that go out and MONITOR the lines.
    Now THEY CHARGE YOU more, EARN TWICE AS MUCH, AND STILL SHOW A PROFIT.

  3. Hugh Ripper says:

    Why have the control network exposed to the internet, even by proxy? I’ll never understand this. I’ll bet it was even directly accessible from the net via a VPN client or the like (or worse). Their IT department and consultants should be fired.

  4. LibertyLover says:

    #3, This is becoming more and more common. It is a way to reduce costs substantially — you don’t have to have the consultant on site (per diem, travel, etc.). 9 times out of 10, the consultant would be logging in from a workstation to a server anyway.

    That being said, it is the consultant’s responsibility to ensure they aren’t uploading something they shouldn’t be.

  5. Hugh Ripper says:

    #4 Lib

    Having something as sensitive as a power grid directly accessible from a public network is asking for trouble. It should be completely isolated from all other networks. Even the power companies’ admin or IT dept networks should have only minimal and essential connectivity to the control network. Running Symantec software probably didn’t help either 😉

    I hope to god that nuclear power plants and military networks are better designed. There is no need for any exposure to public networks.

  6. Benjamin says:

    There is no reason that the computers that control the power grid need to be on the same network as the office computers. Just asking for problems. The quarterly publication 2600 had an article about this very subject.

  7. yanikinwaoz says:

    “I hope to god that nuclear power plants and military networks are better designed. There is no need for any exposure to public networks.”

    At least the military ones aren’t. Have you been following the case of hacker Gary McKinnon?
    http://en.wikipedia.org/wiki/Gary_McKinnon

    He pretty much just waltzed right in to the Pentagon’s networks. Turned out they did a really bad job of securing themselves.

  8. Olo Baggins of Bywater says:

    Where is our IT Czar?

  9. ECA says:

    WOW,
    we all agree that this is silly..

    The only way I would have EXTERNAL access is if it was a DEDICATED line or/and encrypted interface on the Main computer.

    Even with dialup, which would be an option. As most of the net is ALMOST not usable by DIALUP.
    Encrypted interface would mean they would have to be running a secondary interface to do ANYTHING. You couldn’t even enter a password without the interface.

    Anyone OLDER than 20, should KNOW the ramifications of running an OS on the internet. And should have been REQUIRED to recover the system EACH time it crashed.
    BASIC knowledge of what kills a SYSTEM..INPUT!!
    If you have a solid system and it’s set up PROPERLY and will do ALL that you want/need. The only way to INFECT this system is INPUT.
    Floppy drive to CD/DVD to INTERNET. RESTRICT INPUT and you have a SAFE system.
    BEFORE ANYTHING is allowed on the system it is SCANNED 10 times from HELL with the meanest scanners you can FIND.

  10. RSweeney says:

    We went through this argument in the 90’s.

    Control networks MUST be physically isolated.
    Period.

    And thank heavens those “smart grid” meters that Obama thinks so much of have a long range wireless interface and a hidden secret switch to turn off the power to your house on command.

    Surely this will take hackers’ minds off of playing with PC networks.

  11. deowll says:

    Part of the problem is they don’t want to use real dedicated machines with an embedded software program on a rom.

    They want to use non dedicated computers running a software program on top of an OS and these things can and will be hacked.

    Not just stupid. STOOOOPID like texting while driving in heavy traffic!

  12. ECA says:

    #10, I hope you are being funny..
    It’s not Obama’s idea..It’s the ELECTRIC companies’ idea. Always has been. And would eliminate 1000’s of jobs and increase profits..

    #11, AGREED..they could do the same thing with a Commodore 64..and really freak people out. It’s a basic relay system.

