Posted on 11/14/2017 7:34:53 AM PST by bananaman22
The American grid security story grows increasingly grim. Last week, security consulting firm Symantec warned that recent cyberattacks gave hackers direct access to the nation’s power grid on multiple occasions, according to a new report by Wired.
This time, not only the United States was exposed, said Symantec. Europe also experienced similar vulnerabilities, proving the hackers could have induced blackouts on both sides of the Atlantic. Thankfully, this apocalyptic scenario didn’t happen.
In spring and summer 2017, the Dragonfly 2.0 hacker group—a primary culprit featured in cybersecurity reports from many experts lately—launched campaigns against energy companies. They succeeded 20 times, hacking their way into full access to their target companies’ corporate servers and operations controls. This meant they could turn off circuit breakers that control the direct flow of electricity to homes and businesses.
(Excerpt) Read more at oilprice.com ...
After the northeast blackout I was told by a poster in this forum that such hacking was “impossible”.
This is the work of foreign nationals (think: China, Russia, Iran, etc.). These are all military dry runs. Just like nations test nukes for data in the event one is needed, so too these nations are probing and testing our electrical infrastructure in the event of some hostility.
Think about it, if the US were at war, or at some military action, a nation that could cripple our grid could cause serious damage without firing a shot, losing a soldier, or risking hardware.
A one-front, or two-front war suddenly becomes a very complex multi-front war both abroad and domestically, but yet our really smart people refuse to harden our grid.
The real question is why is the grid accessible from the web at all? Which fools decided to use the web? The grid worked just fine for decades before the web even existed.
I used to have this argument when I was at DoD. If you aren’t on the net you can’t be hacked.
After the northeast blackout I was told by a poster in this forum that such hacking was “impossible”.
It is very difficult.
Notice the story claims the hackers got into the system. But they were not able to shut down the power and cause an outage anywhere in the U.S.A.
If there was such an example, the article would have cited it.
I won’t say it could not happen. But power companies are well aware of this threat. President Trump’s administration has made it a priority to harden the U.S. power grid.
Who says they tried to. As noted above, this could have easily been a dry run to test our defenses and our response to the intrusion.
Isn’t Symantec a Chinese owned company?
KYPD
‘a nation that could cripple our grid could cause serious damage without firing a shot’
THey would just sit back and watch us kill each other and then they would come in an pick up the pieces. It would be fatal,
The point was to get into the system.
That alone is a clear message of “I can do whatever I want when I want”.
That is a very good question. I can see using the web for administrative purposes, but for direct electrical generation and control there could, and should be a separate computer system completely independent of any outside access. External hacking could then never occur.
There are some nasty vulnerabilities in SCADA controllers and their interfaces. No more need be said.
And I am certain that’s exactly what would happen. Just imagine Chicago, Oakland, Baltimore, or other large metropolitan areas without electricity (this means no running water, no heat, and no refrigeration). Riots would break out in mere hours! And the responsible agent likely would be anonymous or at the very least have plausible deniability.
You are correct, imo.
The failure to harden the grid is inexcusable.
Of course there are actually 3 grids to harden, East, West, and Texas. I wonder if the Texas grid is more resistant- it would be easier to get back up given its relatively smaller size.
What’s that Boy Scout motto?
I’m not an engineer or a techie...and I’ve ALWAYS asked that question...
I actually know the answer. In govt the worst people get promoted. The people making these decisions are clinically stupid.
That is the problem with medical facilities being hacked. Due to cost and convenience, integrated systems that tie all aspects of a hospital's operations into one module have inherent security problems. It is often cheaper to pay fines and ransom than it is to fix the problem.
There are always “Experts” on both sides of an argument and usually all their expertise amounts to is flatulence.
“If you aren’t on the net you can’t be hacked.”
I have NEVER understood why we want the grid - or even one’s house - hooked up to computer controls. Every time my energy company tries to get me to switch to an electronic thermostat, I tell them where to stick it...I don’t need them to regulate the temperature in my home. Of course, they try to sweeten the deal with a discount on the price of electricity, but I ain’t buying.
We are f’ing stupid if we allow this to continue.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.