Skip to comments.Electrical Grid Is Called Vulnerable to Power Shutdown (SCADA vulnerabilities)
Posted on 10/19/2013 5:44:07 AM PDT by markomalley
Over the past few months, the discoveries of two engineers have led to a steady trickle of alarms from the Department of Homeland Security concerning a threat to the nations power grid. Yet hardly anyone has noticed.
The advisories concern vulnerabilities in the communication protocol used by power and water utilities to remotely monitor control stations around the country. Using those vulnerabilities, an attacker at a single, unmanned power substation could inflict a widespread power outage.
Still, the two engineers who discovered the vulnerability say little is being done.
Adam Crain and Chris Sistrunk do not specialize in security. The engineers say they hardly qualify as security researchers. But seven months ago, Mr. Crain wrote software to look for defects in an open-source software program. The program targeted a very specific communications protocol called DNP3, which is predominantly used by electric and water companies, and plays a crucial role in so-called S.C.A.D.A. (supervisory control and data acquisition) systems. Utility companies use S.C.A.D.A. systems to monitor far-flung power stations from a control center, in part because it allows them to remotely diagnose problems rather than wait for a technician to physically drive out to a station and fix it.
(Excerpt) Read more at bits.blogs.nytimes.com ...
The funny part about this is that with the Obama Administration's EPA and DOE working to shut down power plants, there will end up being fewer nodes in the system and those remaining will be more critical than ever. With these SCADA vulnerabilities, the power grid will be more susceptible to interruption than ever before.
Thanks for posting.
DHS had better buy another 2 billion rounds of ammo....
If you click on the link, you see the biggest vulnerability of these substations. Physical security.
All utility SCADA systems (military too) should be off - completely off - the public internet. This simple step (admittedly easier said than done at this point) would go a long way towards mitigating these vulnerabilities in the short-run.
Thanks for posting.
I feel like we’re living on a leaky old patched-up life raft, full of broken glass, and circled by sharks.
The best advice I would have for anybody who wants to minimize their vulnerability to this threat is to get some solar panels for your roof.
That way, when the vulnerability is exploited...at least you'll have some power to keep your lights on and your fridges going.
The funny part about this is that with the Obama Administration’s EPA and DOE working to shut down power plants, there will end up being fewer nodes in the system and those remaining will be more critical than ever. With these SCADA vulnerabilities, the power grid will be more susceptible to interruption than ever before.
As time goes on I see this more and more as part and parcel of a ‘master plan’. I even wrote a short story to get people to think about it. It’s far-fetched in many ways and many posters dissected it. But very few actually thought about the premise and what they might do in such a situation. Perhaps you might want to read it and give me your own viewpoints.
High-income green freaks have their own deisel generators. I know this because my ex installs them.
Fridges take a LOT of solar to run. Lights (especially LEDs) and tech gadgets are easy to keep running, but heat, A/C and fridges are power hungry. Also, I had a shallow hand pump well installed in my back yard. 35’ down to cool fresh water, no electricity required, cost a thousand bucks installed. Don’t forget that if grid power goes down, most public water systems will fail shortly after. Even electric well pumps that run on grid power will fail. You can’t live without water, period.
“Diesel power runs out when the fuel barrel goes dry.
Better to use propane if it comes to that.”
Wouldn’t the propane run out also?
Which would be OK, except for the politicians who are drilling holes in the bottom and telling us that the water will drain out.
Most of the makers of SCADA systems are stovepipe systems and use security by obscurity. The thought of open architecture that would enable even a https:// type of basic encryption will not make it into product development because then the manufactures would have to admit there is a security flaw.
I wonder if things like this will be taken into account for the November grid failure exercise?
If you had a 500 or 1000 gallon diesel tank you could also fun your vehicles.
Does Home Depot et al have good deals on used generators...the ones brought back after the last disaster?
Well, a fridge generally goes through 1 kwh or so per day. If you can end up using a 1 kw system (and, assuming, you have the equivalent of 8 hours of sun a day to run it), you should have plenty of juice for the fridge plus a reasonable number of lights and your FR machine. But not for a/c or electric heat.
Won't water the landscape sprinklers, but can shower, shave, cook and poop.