Posted on 11/14/2017 7:34:53 AM PST by bananaman22
The American grid security story grows increasingly grim. Last week, security consulting firm Symantec warned that recent cyberattacks gave hackers direct access to the nation’s power grid on multiple occasions, according to a new report by Wired.
This time, not only the United States was exposed, said Symantec. Europe also experienced similar vulnerabilities, proving the hackers could have induced blackouts on both sides of the Atlantic. Thankfully, this apocalyptic scenario didn’t happen.
In spring and summer 2017, the Dragonfly 2.0 hacker group—a primary culprit featured in cybersecurity reports from many experts lately—launched campaigns against energy companies. They succeeded 20 times, hacking their way into full access to their target companies’ corporate servers and operations controls. This meant they could turn off circuit breakers that control the direct flow of electricity to homes and businesses.
(Excerpt) Read more at oilprice.com ...
I used to work in the industry. Utilities that are smart will never connect operations with the internet.
Operators would find it convenient to open a valve or start a pump from their home, but they are forced to drive to the control room often many miles to do so. This is the only way to ensure safety from hackers.
However some utilities think they can build safe bulletproof VPN style remote access to plant controls. They are fools.
This way they could hire fewer people in the field and run everything from a central control room with just a couple of employees.
What with all the pension fund problems this probably seemed like a good idea until...
I used to work in the industry. Utilities that are smart will never connect operations with the internet.
Operators would find it convenient to open a valve or start a pump from their home, but they are forced to drive to the control room often many miles to do so. This is the only way to ensure safety from hackers.
However some utilities think they can build safe bulletproof VPN style remote access to plant controls. They are fools.
Airgaps are pretty good defenses to hacking.
My eldest son is an operations guy at a nuke plant.
In the plant where he works, nothing, and I do mean NOTHING, relating to plant operations can be accessed remotely. The ops network in the plant is not connected to the internet in any way.
Remote monitoring? Yes. Remote ops? Not in a million years.
The wealthy and elites think a power outage will not affect them more than a few hours. What happens when it is several days?
I have lived without power for nearly four days in the middle of a winter storm in the woods. I had a propane powered fireplace insert which heated the down stairs fairly well, but up stairs it got down into the low 50’s at night. If I wanted to take a shower and eat hot chow I had to get in my four wheel drive and drive to my parents house in town. First I spend the day cutting my way out of the woods, with twenty trees alone down on the road to my house, the main road looked like a war zone. Had my parents not been an option I could have survived but it would have been much harder and unpleasant.
After that fun I now have a small generator and keep several cans of gas with stabil in them through the winter months. I have enough juice to keep my fridge going, run a microwave and maybe watch a tv and I always make sure my chain saw has gas, oil and an extra chain in case I have to cut my way out of the woods again.
The Israelis managed to hack into Siemens SCADA, and that’s no mean feat.
L
“Remote monitoring? Yes. Remote ops? Not in a million years.“
If it can be monitored via the web it can be controlled via the web.
Period.
L
.
The US power grid can and frequently has been taken off of remote access.
This is routine when repairs need to be made, simply for the safety of the crews.
.
.
>> “If it can be monitored via the web it can be controlled via the web.” <<
The position of switches, and condition of fuses always can be monitored, but that does not always translate to access. It is something that changes from time to time.
.
“The position of switches, and condition of fuses always can be monitored, but that does not always translate to access. It is something that changes from time to time.”
“Does not always” does not inspire much confidence. Mostly because it means sometimes it can.
L
.
Yes, sometimes, but lately, very infrequently.
Recent fires have put the west on manual control for the forseeable future.
.
Period.
L
I know you weren't trying to be funny, but that was funny.
I put a webcam on the side of my house looking at my driveway... now use that webcam to start my car... I'll even give you the IP address, admin account, and password for the web cam...
Good luck smartypants... LOL
Go ahead and laugh, Skippy:
https://www.techrepublic.com/article/report-iot-attacks-exploded-by-280-in-the-first-half-of-2017/
L
Uh... yeah... IoT... connected... vulnerable... I get it...
Now let’s get back to how you’re going to use that web cam to start my car... Skippy he sez... LOL
You’re not, oh what’s the word, oh yes. “Smart” That’s it.
L
Still waiting for you to use that web cam to start my car.
But you can’t.
I can use it to shut down your business. Would that do?
L
The local TV networks better hope their camera batteries are charged. I’d hate to miss riots in Baltimore, Chicago, LA, etc...
At this point I’m leaning toward you being intentionally obtuse because you find it entertaining.
I can’t imagine that you really don’t get the difference between connected and not connected.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.