Posted on 08/19/2003 2:55:45 PM PDT by Marianne
Al-Qaeda sources announced that they are responsible for the recent power blackout in America. One more lie to add to a thousand tall tales spun by hidden terrorists.
In fact, the recent power blackout actually demonstrated that the electric computer network operated correctly. The blackout began when a critical main line went down, leaving the rest of the network to carry the electrical load.
The network noted that the load was too much to carry and began to shut itself down. The so-called "domino" effect began as each segment of the grid detected an overload and shut down, including 10 nuclear power plants that "scrammed" (shut down) automatically.
If hackers had had control of the network, they would have overridden the shutdown commands. The override would have caused physical damage to the network, burning out transformers and switching stations as they tried to carry the excess power.
The result would have been millions of dollars in damages, and weeks without electrical power for millions of Americans.
Instead, the power companies were able to take care of the specific overload and re-establish electrical power within hours. The power blackout may have been an inept hack attack but it is doubtful – simply because there was little physical damage to the electrical grid.
One reason why I doubt Al-Qaeda’s claim is because the 10 nuclear power plants located in the blackout area all shut down per pre-programmed safety procedures. If hackers had been able to penetrate the computer networks, they might have been able to override the automatic "scram" sequences inside the nuclear power plants. This frightful scenario ends with an atomic meltdown.
Air Force Hackers Succeed
In comparison, the U.S. Air Force recently conducted a successful simulated attack against the American power grid. Hackers from the South Carolina-based cyber war squadron were able to penetrate the fragile power grid on the West Coast. The Air Force hackers could have brought down the electrical grid from Seattle to San Diego.
Computer security is something that does not come naturally to government or business authorities. It is viewed as an expense of doing business, something that must be kept to a bare minimum.
I once served as security adviser for Virginia Government Internet Committee and co-wrote the information security requirements for the state in its final report to the Virginia Commonwealth Legislature. The report was requested by Gov. Doug Wilder (D) and accepted by Gov. George Allen (R).
I spent months in meetings and hundreds of hours compiling evidence for the state to set up a strong information security policy. For the most part the rest of the committee ignored the evidence and the recommendations.
Until one day when a group of system administrators from another state came to show off their brand new computer network. Many of the members were fascinated by the performance of this computer network – until I managed to squeeze in a single question about the security of their system.
"Oh," one of the administrators replied, "we have not had any real problems with security except when a hacker used our system to get into a nuclear power plant."
At that moment you could have heard a pin drop. Every talking head in the room fell silent and nearly a hundred eyes focused on the now nervous computer administrator.
"How did you find the hacker?" I asked, pressing my point.
"We didn’t. The nuclear power plant contacted us and we shut down the open connections," she replied.
Suddenly computer security became the hot topic. The potential use of a government-owned computer network to hack into a nuclear power plant frightened every politician and bureaucrat in the room. In the end, the committee unanimously agreed to accept all of my security proposals.
Entire Networks Are Vulnerable
It may come as a shocking surprise, but many of the U.S. electrical power grid computer networks are unprotected. You actually have more security sending your credit card number over the Internet than the control commands that operate your electric power do.
Yet the power grid is not the only area where America is vulnerable to information warfare. There is open evidence that U.S. air traffic control is vulnerable to a cyber attack. The GAO has repeatedly documented security problems inside the FAA.
The GAO stated that the FAA has "a history of computer security weaknesses in a number of areas, including its physical management at facilities that house air traffic control (ATC) systems, security for both operational and future systems, management structure for implementing security policies, and personnel systems."
"While FAA reports that it has performed background checks on the majority of its federal employees, the same cannot be said for its many thousands of contract employees," stated the GAO.
In 1999, the General Accounting Office tested the physical security of the Federal Aviation Administration. GAO inspectors were able to penetrate secure areas including the offices of the secretary of state and critical air traffic computer rooms inside FAA facilities. The GAO auditors warned of the growing security problems during congressional testimony.
"We found significant weaknesses that compromise the integrity of FAA’s air traffic control operations," stated the GAO auditor.
"This review resulted in a number of findings too sensitive to discuss in today’s open hearing; accordingly, my statement will refer only to findings and recommendations contained in the unclassified version of our limited official use report. We can tell you openly, though, that we found evidence of air traffic control systems that had been penetrated, and critical ATC data had been compromised."
FAA Mission-Critical Code
According to a GAO report on computer security, the FAA allowed Chinese nationals without security clearances to inspect "mission-critical" computer source code.
"We found instances in which background searches were not performed – including on 36 mainland Chinese nationals who reviewed the computer source code of eight mission-critical systems as part of FAA’s effort to ensure Year 2000 readiness," stated the GAO report.
"FAA’s own system penetration testing and vulnerability assessments demonstrate significant areas of weakness. Because of the sensitivity of this information, we do not publicly disclose details on these weaknesses."
"By again not following its own policies, FAA increased the exposure of its systems to intrusion and malicious attack," noted the GAO report.
PLA Cyber Warriors
Al-Qaeda represents only one threat to U.S. computer systems. It is a fact that America is not the only nation that has professional cadres of hackers inside its military. China is frantically working on its own cyber war plans.
In November 2000, Maj. Gen. Dai Qingmin, director of the People’s Liberation Army Communications Department of the General Staff HQ, wrote a major paper on "Information Warfare." According to Gen. Dai, pre-emptive attacks by the Chinese army on American civilian computer and information systems will use "information warfare techniques which differ from U.S. IW [information warfare] plans."
The PLA has reserve information warfare units located in the cities of Datong, Xiamen, Shanghai, Echeng and Xian. Each of these units is developing specialty capabilities to attack U.S civilian computers. For example, the Shanghai unit is focusing on attacking wireless telecom networks and double-encryption passwords.
Gen. Dai outlined several Chinese info war strategies, including such hacker techniques as jamming or sabotaging enemy info systems, giving a false impression while launching an info war attack, and blinding and deafening an enemy with false impressions.
The Chinese army is deadly serious about attacking U.S. civilian computers. The recent massive PLA Taiwan invasion exercise included an info warfare operation in the Shenyang Military Region simulating attacks on U.S. civilian computers.
American computer security weakness, according to former defense adviser William Triplett, could spell disaster in the near future. According to Triplett, co-author of "Year of the Rat" and "Red Dragon Rising," the possible Chinese army penetration of critical computer systems is part of an ongoing information war being waged against America.
"This has enormous implications for Communist Chinese cyber warfare against the United States," stated Triplett, who has studied Chinese army information warfare.
"In the event of a conflict, they could hold hostage the very lives of hundreds of thousands of American men, women and children."
According to Triplett’s 1999 book, "Red Dragon Rising," Chinese army information warfare is an "unheralded national security threat to the United States."
"The American economic, political and social system is essentially unprotected against a Chinese information warfare attack. As the PLA notes, ‘America’s economic system is extremely vulnerable to information attacks.’ Senior PLA officers have begun to talk among themselves about a pre-emptive strike using information warfare," noted Triplett.
RADIO AND TV SCHEDULE
Charles Smith will be on:
Talk Radio Network TRN – Jeff Rense show, 8/20/03, at 10 p.m. Eastern time. Show information at http://www.rense.com
The American Freedom Network with NewsMax contributor Dr. James Hirsen on Friday, 8/22/03, at 11 a.m. Eastern time. Show information at http://www.amerifree.com.
The Jerry Hughes show on Friday, 8/22/03, at 3 p.m. Eastern time. Show information at http://www.cilamerica.com.
The Phil Paleologos "American Breakfast" show on Tuesday, 8/26/03, the Langer Broadcast Network, at 8 a.m. Eastern time. Show information at www.dinershow.com.
In other words, things like the power net should have their own, closed network.
The suspension of disbelief in the movie "War Games" was lost when the kid dialed up a computer which could launch nukes. Uh huh.
--Boris
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.