Posted on 09/04/2003 2:07:51 PM PDT by presidio9
Edited on 04/29/2004 2:03:04 AM PDT by Jim Robinson. [history]
The FBI found no evidence of any type of terrorism or criminal hacking in its investigation of the August power blackout in the Northeast, but the threat of such action remains a concern, the FBI's top counterterrorism official told a House committee Thursday.
(Excerpt) Read more at cnn.com ...
believe what you want... THAT'S FINE for you folks who light torches, carry pitchforks and recite chants to 'ward' off evil or 'fix' machinery ... those of us in the OBJECTIVE WORLD base our OBSERVATIONS on factual inputs and leave 'beliefs' to those lacking the training or the faculties to comprehend such matters ...
Yeah yeah yeah ... AFTER THE FACT doesn't cut it in a situation like this.
Light another torch ...
Relate ONE objective item that 'links' this to terrorism.
There isn't one shred of any kind of evidence that's out there ... pointing to a *****broad***** event like a 'generator outage' or 'computer problems' in the control room is insufficient; those things points to *no* particular cause in and by themselves ...
Egypt Air flight 990
TWA flight 800
all flights out of JFK, all crashed into the Atlantic.
The chance that it was a virus are really, really, REALLY low, because, to quote DiNicola:
The possibility that an Internet "worm" infected FirstEnergy's transmission control-center computers is remote, said DiNicola, because the computers in the control centers are not based on Microsoft operating systems, which are most commonly the targets of such computer attacks."Obviously, we are going to look at all issues involving the system in the control center," he said. "But most of the virus and worms under discussion are based on Windows [manufactured by Microsoft]."
I think I have your common thread, your common denominator - sea water ... I hear it's a real big threat if you head east and experience catastrophic airframe failure, poor pilotage or 'nose her down' with ill intent in mind ...
Anybody with a little lab equipment -
o A couple of regulated DC power supplies equipped with Current and Voltage meters
o A DMM
o A resistive load that will give a current load of an ampere or two at 12 volts
- can perform a little 'lab' experiment to experience what the 'power system operators' experience ... connect all devices (2 power supplies and the one load) together using any suitable set of test leads or wire ... switch on the power supplies and adjust the first one for twelve volts as seen at the 'load' (the big resistor) ... this first supply will be carrying 'all the load' presented by the resistive load.
Now bring up the second power supply slowly ... attempt to achieve 'load balance' now with *each* supply carrying half the full-load current ... your success in LARGE PART will be dependent on *how fine* an adjustment you can make with the voltage adjust poteniometer ...
Why all they had to do was pick up the phone and call _jim
By Paul Eng ABCNEWS.com
July 8 — Many security experts fear that the next big terrorist strike against the United States might be on — and through — the Internet and other vital interconnected computer networks.
And the suspected attacks won't just deny Net surfers access to their favorite Web site or increase the risk of damaging computer viruses through e-mail. Rather, experts say the next cyber attack could actually lead to physical damage to real-world targets.
For example, terrorists might decide to take out the nation's telecommunication networks by modifying the software of computers that control the switching network. Or, they might work their way into the digital software systems that help air traffic controllers guide the thousands of planes that fly over U.S. cities.
"It was unthinkable almost a year ago in the general public mind that a common airplane would be used in attacks against buildings," says Simon Perry, vice president of security for Computer Associates in Islandia, N.Y. "It's the same here. IT [information technology] will be used to attack the physical world."
Evidence of Possible Training
Sound farfetched? Perhaps. But evidence is mounting that such cyber warfare may be on the minds of al Qaeda terrorists.
As first reported in The Washington Post and confirmed by ABCNEWS, U.S. investigators have discovered there have been numerous anonymous probes over the Internet for information regarding the nation's emergency phone system, water-distribution networks, and power grid — all critical parts of the U.S. infrastructure. Perhaps more disturbingly, officials also confirmed to ABCNEWS that some of these "probes" were focused on "digital switches" — devices designed to allow authorized personnel to monitor and control various aspects of a complex network of machines.
Vulnerable Switches?
Perry says these control systems used to be "esoteric systems" — ones that used proprietary interfaces and computer languages — and were accessible only to those who were trained in their specific designs.
But many such control systems are now based on the same UNIX software and communication protocols used by computers that are widely connected to the Internet. And while most control systems aren't connected directly to the Internet or accessible through a simple Web page, they are connected to other computer systems that typically are available online.
And there have been cases where others — typically disgruntled former employees or other malicious insiders — have used such hidden, but still-vulnerable systems for their own exploits.
Peggy Weigle, chief executive officer of software security firm Sanctum in Santa Clara, Calif., notes that just such an incident occurred a few years ago in Australia.
In that case, a former employee of a water-treatment plant had managed to gain control of the digital switches and secretly reversed the flow of fresh and sewer water. (The employee had hoped that the company would hire him back in order to solve the problem.)
While such incidents have been few and isolated, some security experts worry that it won't remain so for long.
A Mix of Old and Digital
"We've been talking about this kind of [threats] for months," says Weigle. "Just by looking at the organizations we've been involved with — financial institutions, water-treatment plants, power plants — they are all vulnerable to attack."
And Weigle believes that the power of such terrorist attacks could be devastating — especially when coupled with an attack using conventional means.
"Let's say they launch an attack on a power station," says Weigle. "Someone's going to call into the 911 emergency system. A lot of these [phone] systems are based [on computer protocols]. Can they be hacked? I think so. How long would it take people to figure out the right information on what was going on and what was wrong?"
But some say that such wide-ranging network attacks — while possible — are extremely difficult to pull off.
"It would still be fairly difficult [to] break in and jump through different switches," says William Tang, chief executive officer of Digital Security Consulting, an Arcadia, Calif., company that advises the electric power-generation industry. "There are some process controls, if you decide to throw all 500 switches that control the power in Southern California, it could alert a human before it does that."
Other experts note that companies and public institutions aren't exactly unaware or insensitive to the threats of Internet security.
George Hellyer, a director at security consulting firm JANUS Associates in Stamford, Conn., says that the years of attacks by hackers with viruses — and the recent unconventional attacks by terrorists — have stirred some movement by the public and private sectors.
When it comes to addressing network security issues, "we've seen changes over the last several years," says Hellyer. "They're thinking outside of the box and addressing what we thought was unthinkable is now possible."
Keys to Survival
However, Hellyer and others note that awareness is just the beginning and that both the government and the corporate world still have a lot of work to do when it comes to preparing for and preventing a cyber attack using the nation's information and support infrastructure.
For one, many believe that while corporations are paying attention to the threats against their networks, they aren't spending nearly the amount they should be on security solutions.
"When you work out the percentage of corporate budgets spent on IT security, it's less than 1 percent," says Computer Associates' Perry. "Most organizations spend more on coffee that IT security." By Perry's estimation, companies should be spending at least 100 times more on security measures.
And the money that companies do spend on network security shouldn't go to just technology solutions such as firewalls or network intruder detection systems, but toward hiring smarter, security-savvy people who will actually manage the various networks.
Over the last two years, the number of computers added to the Internet has more than doubled from 71 million to more than 146 million, says Alan Paller, director of research at the SANS Institute, a network security information clearinghouse in Bethseda, Md.
"Yet, there has only been about 25,000 people who can even spell 'security' that have been added in those two years," says Paller. "We need to up the security skills of these [network engineers]. And that's not going to happen overnight."
RELATED STORIES
Blah blah blah.
Vaporware ...
MOTHER NATURE is a much bigger threat on a daily basis - ever read the details behind the 1977 NYC Blackout or the 1996 California Blackouts?
All these guys write reports as a means of job justification ... there is a MUCH bigger bogy men out there than 'terrorists' in the form of nature and human error.
Why is this so the layman asks?
We continue to build larger systems and more interconnected systems as well as experience different circumstances thrown at us from mother nature's direction, both in terms of events (like ice storms, electrical storms, ion storms) but also from the unpredictability of how materials/equipment react sometimes in adverse and severe environment as when stressed during unforseen circumstances
From: http://eetd.lbl.gov/certs/pdf/Dobson_4.pdf
Blackout Mitigation Assessment in Power Transmission Systems Electric power transmission systems are a key infra- structure and blackouts of these systems have major direct and indirect consequences on the economy and national security.
Analysis of North American Electrical Reliability Council blackout data suggests the existence of blackout size distributions [are proportional or related with] with power tails [system size or complexity]. This is an indication that blackout dynamics behave as a complex dynamical system. Here, we investigate how these complex system dynamics impact the assessment and mitigation of blackout risk.
The mitigation of failures in complex systems needs to be approached with care. The mitigation efforts can move the system to a new dynamic equilibrium while remaining near criticality and preserving the power tails.
Thus, while the absolute frequency of disruptions of all sizes may be reduced, the underlying forces can still cause the relative frequency of large disruptions to small disruptions to remain the same.
Moreover, in some cases, efforts to mitigate small disruptions can even increase the frequency of large disruptions. This occurs because the large and small disruptions are not independent but are strongly coupled by the dynamics.
...
In this paper, we focus on the intrinsic dynamics of blackouts and how complex system dynamics affect both blackout risk assessment and the impact of mitigation techniques on blackout risk. It is found, perhaps counterintuitively, that apparently sensible attempts to mitigate failures in complex systems can have adverse effects and therefore must be approached with care.
YOU don't know how close to the TRUTH you are on this ...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.