Posted on 08/14/2003 8:11:00 PM PDT by StatesEnemy
As far as we know, no one has ever deliberately hacked into the U.S. electrical grid and pulled the plug on millions or even thousands of people. Just as on Sept. 10, 2001, no one had ever deliberately crashed a jet airliner into a skyscraper.
Is the power grid vulnerable to cyberattack? What about natural gas pipelines, nuclear plants, and water systems? Or refineries and other industrial facilities that run on similar Internet-enabled digital control systems? Could a terrorist or disgruntled employee cause lethal accidents and millions of dollars of damage? What about a bored 14-year-old?
"Are we vulnerable?" asked Joseph Weiss, executive consultant for KEMA Consulting, which is based in Fairfax, Va. "Of course, we are. We designed ourselves that way."
None of the industrial control systems used to monitor and operate the nation's utilities and factories were designed with security in mind. Moreover, their very nature makes them difficult to secure. Linking them to networks and the public Internet only makes them harder to protect.
Wireless Intrusion
Paul Blomgren, manager of sales engineering at cyber- security firm Rainbow Mykotronx in Torrance, Calif., measures control system vulnerabilities. Last year, his company assessed a large southwestern utility that serves about four million customers.
"Our people drove to a remote substation," he recalled. "Without leaving their vehicle, they noticed a wireless network antenna. They plugged in their wireless LAN cards, fired up their notebook computers, and connected to the system within five minutes because it wasn't using passwords.
"Within 10 minutes, they had mapped every piece of equipment in the facility," Blomgren said. "Within 15 minutes, they mapped every piece of equipment in the operational control network. Within 20 minutes, they were talking to the business network and had pulled off several business reports. They never even left the vehicle."
Blomgren, of course, is a professional with a professional's tools. But Eric Byres, research manager at the Internet Engineering Laboratory of the British Columbia Institute of Technology in Burnaby, maintains that any hacker could achieve similar resultswith free software off the Internet and a can of Pringles.
Wireless systems are especially vulnerable to attack, Byres said. He cited as an example a petrochemical plant that he just finished assessing. "They had an overflow pond that wound around the plant site and wanted to put sensors on it, but they were worried that if they ran fiber, someone might dig it up," he said. "So they put in a wireless system."
Because the wireless system was part of the plant network, information technology engineers assumed the firewall would protect it from unauthorized access. That was not the case. Because they thought they were secure, they never even turned on the wireless transmitters' security features. Byres said that many information technology, or IT, professionals don't even know these options exist.
(Excerpt) Read more at memagazine.org ...
Nah it's those Cheese Doodles.
You should start paying more attention.
Ask for a cookie.
Ouch! Good one!
Our government is failing to protect us.Or our failed protectors govern us not wisely but too well.
No... we should be aware of the vulnerability of allowing sensitive systems to be broadcasting unsecured on WiFi.
Surely this is common sense - not hyperbolic hand-wringing.
I don't think it is irresponsible. WAPs are proliferating and extremely tempting to hackers. They are instant access to an internal network with no firewall protection. Furthermore, they are often installed by ordinary computer users with no encryption, creating a major security risk.
Terrorists like to blow things up, not dig around in a petrochemicals payroll system.Students of Chairman Mao's notion of the soft strike (to degrade as opposed to destroying hostile systems), an interpretation of passages from Sun Tzu, excepted.
Humor is the only proof of sanity these days.
Honestly, I do not know.
B.S., obviously the author of this piece of crap has not done his research, or has no contacts to get correct information. Yes, most large companies, utilities included are on the internet, but NOT the computers that run their vital systems!! SHEESH!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.