10. April 2009 by admin.

The stories have certainly heated up online about the Bad Guys from Somewhere? having gotten into the U.S. Power Distribution System (they didn’t say just Dallas or Miami, so I assume they mean the WHOLE U.S.) Control Computer(s) (one or more?) So while I’m trying to understand what this means, I figured I’d blog a big ‘ol article about what this really means to everyday citizens.

PC World has got this article:

http://www.pcworld.com/article/162787/report_cybercriminals_have_penetrated_us_electrical_grid.html?tk=rel_news

Which cites a Wall Street Journal article:

http://online.wsj.com/article/SB123914805204099085.html which sounds even more ominous:

Electricity Grid in U.S. Penetrated By Spies

And the blog on PC World:

http://www.pcworld.com:80/article/162814/article.html?tk=nl_dnxnws which calls it this:

Malware Infections Lurk in U.S. Electricity Grid, WSJ reports

So this whole thing sounds like the movie WAR GAMES except instead of some kid hacking into the WOPR computer and playing a game that could launch real missiles, the New Kids on the Block from Russia or China (or both or neither) allegedly have hacked into these Control and Monitoring Computers (my speculation on that below) and now may have full control of the controls of the control of all the U.S.’s Electricity Distribution. How true that is remains to be seen or explained. I wouldn’t think that on the local level in states and cities that access to this control from another city/state would really give access to turn an area or a whole state on and off, would it? There would be local override controls right? What if Texas got mad at us? They could turn off our local power in Florida? I don’t think so. it’s generated locally for some percentage of it, right? Is there like a “Master Control” computer or computers that have the “Administrative” rights to all states electrical power including locally generated power? 

Now the supposed problem exists in control systems of the U.S. Electrical Grid. Now I don’t claim to know much about the U.S. Electrical Power Grid - other than the fact that different areas of the U.S. are linked together and can sell each other “wholesale” electricity - and can help support each other if one area “runs out of gas” so to speak on peak time (or any time?) electricity - even in the event of a plant failure somewhere.

So what are they talking about when they say the Cyber Criminals have gotten into the U.S. Power Grid? Well I imagine it like this … There’s the electricity which is distributed by power generating stations (sources) and sent over towers with high voltage electrical cables to Sub Stations where that power is stepped down to intermediate levels (perhaps more than once) before coming to a “drop transformer” near you - where the power is dropped once again to level that you need at your business or home. In most U.S. Homes I imagine that is round 440 or 220 Volts A.C. So what are you saying with hackers? Are they getting in to our actual electricity? Well, NO … probably not. I imagine there is a seperate communications circuit (or circuits) that are used for monitoring and control - what they call in Telecommunications as an “Out of Band” thing - because it’s not on the same “channel” (for wireless) or the same “wire” (for wired networks) - but basically it means seperate from the thing you are trying to control. So I imagine there is this Control and Monitoring Network - kind of like a Computer Network or Internet - but not necessarily THE INTERNET. On this Control and Monitoring Network there are computers, probably higher end Servers that are used for this Monitoring and Control functionality. So then perhaps these alleged international hackers have gotten into this network and have put Malware (like Spyware, Trojan Horses, Root Kits) onto them that can help them with later accesses … potentially at “Administrator” level (what they call “Root” in Unix and Linux systems) which means they could do whatever they want. And that would not be a good thing. That would mean they could shut off power to areas large and small … and who knows what else they could do.

Someone online in comments mentioned that they thought this system might be SCADA (or similar) http://en.wikipedia.org/wiki/SCADA - which has PLC - Programmable Logic Controllers - which is starting to remind me of some of the monitoring and control stuff that you see on large yachts and other marine vessels. I’m not by any means an expert on that either but I did work on some computer software for a yacht that used that for its monitoring system … using Rockwell Automation / Allen-Bradley components http://www.rockwellautomation.com/ - so I guess I can’t say that I’m totally in the dark about this kind of stuff. (oops! sorry for the in the dark reference!) Anyway I hope they get it sorted out and we don’t end up in the dark literally any time soon. We’ve had enough time here in South Florida without electricity due to hurricanes. And no amount of automation could seem to get our power back on quickly in those situations.

Robert Moran monitors an electric grid in Dallas. Such infrastructure grids across the country are vulnerable to cyberattacks. Image source: Associated Press

This picture is from www.geni.org it also seems to be from MSNBC - and cites a source of MIT Technology Review

* I also hope that the electric power companies aren’t going to try (as I read somewhere) to make the end users pay huge amounts more on their bills for them to fix this problem. Somehow they got us into this one and we shouldn’t have to pay to “bail them out” of it. If there’s control and monitoring network infrastructure that they’ve implemented that somehow allows worldwide hacker access to compromise it - then that’s not our fault. All we need is reliable electricity.

—

Alan Spicer Telecom / Alan Spicer Marine Telecom

http://www.marinetelecom.net

+1 954 683 3426

Posted in Main | No Comments »