AP source: Spies compromised US electric grid (Flashback, 2009)

AP via Breitbart ^ | 4/8/2009 | JORDAN ROBERTSON and EILEEN SULLIVAN

[Qbert]

SAN JOSE, Calif. (AP) - Spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service, exposing potentially catastrophic vulnerabilities in key pieces of national infrastructure, a former U.S. government official said Wednesday. The intrusions were discovered after electric companies gave the government permission to audit their systems, the ex-official said. The official was not authorized to discuss the matter and spoke to The Associated Press on condition of anonymity.

[Snip]

"The vulnerability may be bigger than we think," the official said, adding that the level of sophistication necessary to pull off such intrusions is so high that it is "almost without a doubt" done by state sponsors.

The Wall Street Journal, which reported the intrusions earlier, said officials believe the spies have not yet sought to damage the nation's electric grid, but that they likely would try in a war or another crisis.

Chinese and Russian officials have denied involvement in hacks on U.S. systems.

The malicious programs were probably purged immediately from the utilities' networks after their discovery.

Intrusions are generally much harder to detect than to clean up, though purging malicious programs from mission-critical systems poses a special challenge, since computers often have to be running around the clock and can't be shut down to be scrubbed clean. If that's the case, proper backups need to be in place to make sure an infection is fully neutralized.

The attacks highlight serious problems that utilities like power and water companies face as they add more technologies for remotely managing their facilities. Any system networked to the rest of the world—from financial systems to university records to retail operations—can leave openings for hackers.

[traditional1]

The cause was operator ineptitude, and the loss of the EMS/Computer system did NOT cause the blackout; period.

Had the System Operators had any clue about how to operate a system, they would have taken action hours before the tree fell.

You have no idea what happened or the sequence that led to it; I do.

[ClayinVA]

you are telling us that the grid operators could not figure out which button to push for 24 hours. I have heard the stories, but again most in IT think it happened due to SCADA computers getting hit by the blaster worm caused by tying of the regular network and SCADA network together for monitoring and config purposes. I just don’t believe the offical story

[traditional1]

Nope; the restoration was delayed because, again, the system operators (on the system where the voltage collapse began) had NO CLUE as to how to restore generation and load, and made multiple mis-guided and incorrect attempts, until knowledgeable personnel and a restoration plan was begun. Multiple OTHER systems were restored in a matter of 8 hours or so, where skill was present.

SCADA/EMS is NOT essential in system operations in knowing how a power system operates, putting personnel in key locations to effect switching and monitioring, etc. It's been done that way for decades. The sophistication and enhanced information is not a substitute for skill and operating knowledge, so "my computer was down" is NOT an acceptable excuse, period.

Those who think ONLY a computer can operate/provide control/provide information of a power system have not operated a major transmission/generation system.....and do not understand how they work.