Posted on 08/14/2003 4:37:07 PM PDT by HAL9000
SAN FRANCISCO (Reuters) - Computer network and security experts said on Thursday there was no evidence the power outage in the northeastern United States and Canada was related to the Blaster worm that began spreading on Monday."I have no thought that (the outage) is Blaster related," said Alan Paller, research director at the SANS Institute in Bethesda, Maryland.
"The Internet is built not to worry about that," he said. "If you blow up any big chunk, it is designed to work." "There is no information available at this time to indicate that the power outages in the Northeast United States and Canada are related to intruder activity," said the Computer Emergency Response Team at Carnegie Mellon, in response to questions about the worm.
The worm targets Microsoft Corp.'s Windows XP and Windows 2000 computers, infects and crashes them and spreads to other vulnerable machines.
Of course it isn't.
Everybody knows it was caused by George W. Bush, his tax cuts for the rich, and his buddies at Enron.
In a related story, thousands of Apple users had to cancel spontaneous "Nyah, nyah, nyah, nyah, nyah" parties.
SAN FRANCISCO -- A program Microsoft instructed customers to use to fix a hole in its Windows software, which is vulnerable to attack by the Blaster/Lovsan worm that infected computers this week, may itself be flawed.
A glitch in the Microsoft Windows Update patch-management system used to download Windows software fixes has tricked some customers into thinking their systems were patched to prevent Lovesan, when they really were not, said Russ Cooper, moderator of a mailing list with 30,000 subscribers that tracks Microsoft's software weaknesses.
"I know of numerous companies -- more than 10 -- with thousands of computers among them that have run into this problem," Cooper said. The problem is a result of the way Windows Update checks that a computer has run a particular patch, Cooper says. As of Wednesday, Windows Update only checked a database to see that the patch for Blaster/Lovesan had been run on a particular computer in the past -- not that the patch was installed and working.
It left open the possibility that computers that crashed during the process, were unexpectedly turned off or simply didn't have enough memory to install the software patch inaccurately reflected that the patch was successfully installed, when in some cases it wasn't, Cooper said.
Microsoft had no comment.
http://archives.neohapsis.com/archives/bugtraq/2003-08/0231.html
Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'
From: Virtual Master (vmastermmd.ath.cx)
Date: Fri Aug 15 2003 - 13:49:06 CDT
The german publishing house "heise", producing the magazines c't and ix, got a news on their page mentioning a probable link between the worm and the power outage.
http://www.heise.de/newsticker/data/ju-15.08.03-001/
The article is in german, but I'm trying to translate the important pieces to english:
The failing niagara power-plant belongs to National Grid USA. That power-supplier is listed as a reference customer of Northern Dynamics. Norhtern Dynamics labeled themselves as "Home of the OPC Experts" and offer a range of products that use OPC for control and operation systems.
OPC stands for "Ole for process control" and is based on microsofts COM/DCOM model. In a network affected by the W32.Blaster worm the DCOM-communcation fails, and therefor OPC fails on unpatched systems.
OPC is employed among other things for the linking of so called SCADA systems (Supervisory Control and Data Acquisition), as used by power-plants.
The OPC experts from northern dynamics also list General Electrics, Siemens AG, european power-plant constructor ABB and the european organization for nuclear research as reference customers.
(end of 'copy')
ANY OTHER MENTIONS OF THIS SEEN?
Since there was no known 'excessive demand' for power that day (it was NOT extremely hot in the region), and no lightning in the area where this is now believed to have started, the question is "what was different about THAT day (versus the prior 25 years, in which there was no blackout)?"
It is very believable that, even if the worm did not DIRECTLY cause the event, some critical piece of the 'chain of protection' could have been taken offline temporarily to either protect it from the worm, or an application could have been closed down (and not backed up) while a patch was being made.
All speculation on my part, but certainly a possibility.
Terrorism, too, was ruled out a little to quickly by politicians, as far as malicious expliotation is involved. Possible links ans clues about terrorist hackers should be looked at closely here whether accidental or maliscious action is involved here.
For example:
MICROSOFT'S chief security expert yesterday warned Australian businesses to be prepared for terrorist attacks using the Internet.
Chief security strategist Scott Charney warned information technology professionals at Microsoft's Tech Ed conference in Brisbane they were "the first line of defence" against terrorists using the Internet to endanger public safety and national security.
Mr Charney said terrorist groups were using the Internet to organise members and warned businesses not to be complacent about their potential security threat.
"Terrorists clearly use the Internet as a communications medium, fundraising medium and for website communications," he said. "We need to work on critical infrastructure protection."
|
|||
|
|||
Mr Charney said governments had become dependent on IT infrastructure, but 85 per cent was owned by the private sector.
It was therefore up to businesses to guard against "a whole new set of threats".
At 3:06 p.m., a 345-kilovolt transmissionline owned by Ohio-based FirstEnergy shut down for reasons that experts haven't determined. FirstEnergy, which owns four of the five lines in question, reported that an automatic system that was suppose to flash a warning on controllers' computer screens failed to operate after the line went down.
Heard a report that Symantec says Cray machines could be affected by this worm.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.