Hackers and the US Power grid
tacos at fetrow.org
Fri Nov 9 22:50:41 CST 2012
It just astounds me that critical power generation and distribution
equipment is actually connected to the public Internet.
It seems incredibly stupid to me.
I did some work with Mitre several years ago. They ran their internal
network with no connection to anything outside. Of course, part of
what they do is DoD work. I wanted to give them access to some of my
equipment so they wouldn't have to drive 60 miles to "adjust" things.
They told me they didn't have modems at all and were not allowed to
buy them. I reached inside a cabinet, pulled one out and gave it to
them. They got permission to instal it on a computer that had a new
OS install, and no connection to their network.
Now, why can't the power companies do the same thing. Run an internal
network. Seeing that they are the second biggest users of point to
point microwave (next to phone companies), it would seem trivial.
I had a discussion with a high level engineering manager with a power
company once and I stated that it seemed obvious to me that nuclear
plants were not connected to the public Internet and he turned white.
On Nov 8, 2012, at 11:50 AM, tacos-request at amrad.org wrote:
> Message: 1
> Date: Wed, 07 Nov 2012 22:09:09 -0500
> From: Andre Kesteloot <andre.kesteloot at verizon.net>
> To: Tacos <tacos at amrad.org>
> Subject: Hackers and the US Power grid
> The National Security Agency says computer hackers are ramping up
> efforts to take down the U.S. power grid, with a 17-fold increase on
> attacks to the nation's critical infrastructure in the last two years.
> "They're growing from disruptive to destructive and our country has
> bulk of this network," Gen. Keith Alexander, the NSA chief, told the
> Aspen Security Forum in August. "We're the most vulnerable and we need
> to do something about it." [Read more: Meyer/WKYC
More information about the Tacos