Cyberspies Penetrate U.S. Electrical Grid

Just the latest target in a war long-running between the Pentagon's server protectors and foreign invaders.

There is nothing passive or cheap about real protection.

In the best tradition of the ancient spy-vs.-spy game, I would hope that some genius has found at least one of these back-door programs and installed a booby trap that will send a Trojan Horse to anyone who attempts to trigger the sabotage. It would be a fitting retaliation, if not an effective deterrent.

True enough MNIce.

Good idea to have that done.

Of course as was part of the message in Dr. Strangelove, you have to tell people you can do such and such to them, for there to be a deterrent, and then as well they need to have a reason to believe you are not bluffing.

As an addition to the recommendations given before, I see your suggestion as sensible, but still maintain that off line, off computer, mechanical control of the Grid, is likely the best final front defense against a hack attack.

Really I only say so because this was discussed awhile back.

please explain a layer 2 link.

The way in which computers "talk" to each other today is based on a 7 layer protocol known as the "OSI Model". "Layer 2" is one of the required components of that model.

Basically... it consists of 7 essential requirements. Layer 1 is the hardware, the "wire". Layer 2 is the the data packets that flow over the layer 1 wire. "Ethernet" is layer 2 as is "AppleTalk". "TCP/IP" is layer 3, as is "IPX/SPX", and so one. Layer 4 is the data delivered to the OS running on the machine by the running layer 3 process. I may have them mixed up a bit... been awhile since I talked to this.

Here is a link... http://en.wikipedia.org/wiki/OSI_model

And "No" I am not talking about firewalls or other "system" based barriers, I mean "no", as in "none", layer 2 links at all between the systems.

GA!

Not my decision, or yours; but I agree whole heartedly.

what system are they using? windows? Linux would be more difficult to hack, Maybe they need a specific OS just for devices that could cause a security threat

I would not only run a separate OS but really do a layer 1 separation.

Banks do this to split up the data steams so they are sure that no one listens or could interfere.

ATM's are normally interconnected through separate "cold copper" lines, it would be much easier for those companies to hook up to the local Ethernet network and go to a server. They have chosen not to do this due the delicacy of what has to be communicated.

The fact that each time governmental companies are hacked in the core of their business proves that politicians should know when they need to step back and leave the real work to the professionals. And politicians need to accept the cost, their job is to find the money not to "improve" the system.

Do you have any evidence of this? Some links you can share. Sounds like your "local news radio station" might be tuned into Rush Limbaugh.

Thanks to you, This looks to me like the first good response to this article.

Bob

As usual, a well crafted and lucid reply. I agree with the majority of your post. Where I differ is...

Back in the mid 90s I had the fun of automating 11 high speed food packaging lines. We went from relays and glass tube timers to 11 TI 545 PLCs with local I/O and Profibus DP to ET200 for remote I/O. Local machine control was by RS-232C connected Cutler-Hammer PanelMate touch screens.

We implemented a full MES application running on a honking big K series HP box running HP-UX. FactoryLink, running on the HP server via X terminals, a HMI/SCADA package, "talked" to an Ethernet capable module that went right into the PLC rack. This module talked NITP (Non Intelligent Transfer Protocol) and basically red and wrote to memory registers in the PLC memory space when commanded to by the FactoryLink app and could do nothing else. The FactoryLink app provided the 1st tier of the MES app. An Oracle app running on even bigger HP boxes then queried the FactoryLink app and provided the 2nd tier MES app.

That was essentially the type of system, perhaps change the names and manufacturers a bit - but pretty much basically the same, that would be used by the utilities. Given such a setup, I agree with your premise that no "bug" or "virus" could impact the controlled system and that some one with clandestine access to the "network" could do little to impact the connected process.

The problem... today, the story is not the same. Given the proliferation of Active X and java apps for machine automation, and that just about every system has full Ethernet capability, full blown access to a connected automation system could be as simple as an unidentified bug in coding in some app somewhere.

Todays MES systems bring a new level of interconnection between the corporate desktop and the controlled system or process.

Let us not even mention a software based PLC. Lets hope that some utility somewhere has not interfaced such systems in this manner.

And as a side issue... there are many other ways to interrupt the business of a utility beside playing with the grid itself.

Corporate LANS are like sieves by times. Wonder where to impact a utility best... compromising such a LAN may just give you the data.

Is it a bogus issue that can be ignored, no... but neither is it the doomsday thing that the "sales guys" on the radio throw out for the masses. As usual... a little of both is closer to the truth.

Interesting discussion...

The last virus did succeed in blocking for days the German and the French military net.

So in both countries military planes had to stay on ground and in Germany the individual locations were (hard) disconnected to regain stability.

This was reported in local newspapers. Usually to be trusted.

RHABE

While there have been some excellent replies on how the power grid can be protected, it should be remembered that Homeland Security raised the alarm in terms of "it might have been hacked".

Doesn't the importance and hence budget of Homeland Security rest on there always being a potential threat?

I'm probably being cynical when I suspect it is mainly a beat up to enhance the position of one government department over others.

That said, if another country is hacking in (and I'd be surprised if they haven't or at least tried), specialized coding will be of little use. Government backed hackers have access to all available info on such systems and usually have people with the talent to make use of it.

An automatic fall back to mechanical systems should be provided as a guard against such an occurrence.

If an attack occurred, then as soon as instability started in the grid it would automatically fall into manual control and be immune to further computer interference.

Easier said than done, and I wouldn't like to be the operators trying to regain control of the system.

These things are really only difficult when discussing them at the OS level, if we drop down to the level of the executables being run it becomes more clear.

One also has to get into the specifics of "hacked".

Creating a destructive executable to devour available resources is pretty easy and will stall most software, but critical software runs in protected space, and the first thing you protect it from is the OS.

Creating a control executable is obviously more difficult and then specific knowledge is required.

As for Homeland (why does that always sound like the 3rd reich to me) Security and a threat level never to dip below Orange again - don't get me started.

I don't believe the story. I've worked in FMS systems for 10 years for Johnson Controls, and I can assure you that in the hundreds of installations of building control systems, none were even allowed internet connections to the same controlling workstation, let alone the stand-alone FMS controls, with their own proprietary software and custom datasets for that building/applications. Electrical systems would run exactly the same types of software for control of switchgear.. it would never be connected to the world.

I suspect the purpose of all this is to justify the allocation of funds TO connect them to the net with supposed 'high security' firewalls. that gives the evil empire control over the utilities, in the name of 'protection', and eliminates the reliance on humans.. short version, more control for them. protection is the last thing this is. We already have protection, and it has not failed.

Think about it.

Chris

I reread the Wall Street Journal report at the head of the Thread, after reading all other postings so far.

Hopefully I or someone will be able to find the Thread of of a couple of years ago on generally the same subject. My understanding of that "experiment" was that once Grid employees opened the dummy message supposedly concerning their pensions control through their computers of the Grid, was enabled. I was under the impression that this provided the specific information needed to manipulate The Grid.

It was at this time and in that Thread, that some posters explained that The Grid, had become overly dependent on computer controls.

Further in the body of the Wall Street Journal report it is also reported that continuous attempts at gaining secrets from US industry, and the Military through cyber invasions were of concern, and also warranted defensive measures.

So then it follows that even if protocols for computer operations and control of The Grid are sufficient, the US has other reasons to advance protective, defensive measures.

Even JRaef allows that localized and specific disruptions of The Grid, are possible. Then JRaef discounts the effects saying no widespread cascading Grid disruption was possible.

Of course if the localized and specific disruption of the Grid was simply confined to Manhattan, this ought to be enough to encourage appropriate defensive measures.

Regardless of whatever attitude you may have towards Big Government, it is a legitimate role for Government to provide Defense.

In this era smart adversaries have strong incentives to manipulate and achieve destructive capabilities from afar, without actually having to show their hand.

Even if you discount the reported threat to The Grid, the report provides sufficient reasons to support enhanced defense of the US, and Allied Nations Cyber Security.

And finally, though The Wall Street Journal is not actually the same paper it once was, I do not yet regard it as some "liberal rag", and feel some of its long tradition of at least being objective in its hard news reporting ought to be taken into account.

I found Security Experts Take over Power Grid in Minutes. It is dated 04/13/08, at least my entry and an entry from Sparkstation. Original start date is from 4/10/08. Source was apparently Newlaunches.com.

I only found a post from Sparkstation, and myself. As a case for Thread, Blog merge, this is another.

The guys from ENRON are back ????????