I was intrigued and somewhat alarmed to read this news story today. It says enemy agents/computer hackers have embedded code into several infrastructure systems in the U.S. — most notably the power grid — that could potentially disrupt service or damage equipment.
To date, there have been no disruptions of power attributed to the rogue software, or failures of other infrastructure systems attributed to cyber-terrorist measures, and President Obama has started a 60-day review of all the nation’s efforts at cybersecurity (to be completed by April 17), but it doesn’t take much to see the trouble something like this could cause.
Would an infrastructure attack of this type, were it to occur, cause the same visceral reaction in you that say terrorists blowing up a building would? Why/why not? And would you be prepared for an infrastructure failure of “Y2K” proportions?
Of Y2K proportions?
Yes since NOTHING happened.
Sorry, work in IT tired of all the end of world computer stuff.
Unless you have no heat; the East coast black out showed you can survive. Hospitals etc have back up power.
I think the only threat is to sanity due to bad reporting and doom saying.
It could potentially be worse than blowing up a building. Think of all the people whose very lives depend on the power grids staying up and running. And, no, I don’t think I’d be prepared.
Oh, and I used to be a computer programmer, too. I rightly sneered at the doomsday forecasts for Y2K. But there are many elderly and invalids in homes–without power back-up–who would be affected.
@mikespeir:
As did I.
And now some people are claiming this code can affect many infrastructure systems, just as the Y2K bug was going to do, but never did.
More likely the “malicious code” was sending out penis enlargement emails to everyone on the person’s address book than wrecking with our power infrastructure. I am sure if we search everyone’s computer with a fine tooth comb we will find a lot of “foreign malicious code”. I think a lot of skepticism is needed here.
Also I am a computer programmer (not formally), how many of us are on here?
You know what scares the crap out of me? Disruption of distribution lines. Particularly of key medication. I take meds daily that keep me alive, as do many of my friends and family. That’s what would kill me.
Some of my friends who also have thyroid issues have actually discussed what they would do when the apocalypse comes and they can’t get their synthroid. Current plan – become thyroid zombies and bite the thyroids out of people.
Look out, kids, it’ll get ugly…
See, there’s no code for “the power grid”. The grid is hardware. The management of power distribution on it is run by cooperation of independently-owned power companies.
Additionally, those management systems are typically (though, granted, not always) isolated from the corporate networks, and run either stripped-down OSes (e.g. embedded Windows or Linux for realtime systems) or custom kit.
Now, I don’t know what was found. But if I were a betting man, I’d bet this will boil down to some virus on power company e-mail servers that turned them into zombies (or something like that). It seems really unlikely that power-grid control devices are on the ‘net – though I suppose it’s possible.
I, too, am a programmer; though these days I’m an information security expert using my programming skills to help other programmers write secure software.
@Masala Skeptic: not just medicine; the food supply would be disrupted as well. Best to make sure you know where your local farmers’ markets are.
I have to admit, just because of the threat of earthquakes, I am prepared for three weeks of self-sustenance for my husband and myself.
This includes all of our daily meds for HIV, depression and PCOS. If the big one happens, we are going to be shit out of luck in terms of services for at least a couple of weeks.
@Masala Skeptic: The thyroid out of any mammal would work just fine. Perhaps a mouse or rat thyroid a day would do the trick and of course they would have to be raw and uncooked to remain effective!
In news reports the main issue seems to be that the power grid is connected with the internet as a host for all grid functions and controls. It is not run on a closed system and one of the fixes is putting power grid controls on a closed network so there can be no hacking. That will cost hundreds of millions of dollars apparently.
autotroph: “those management systems are typically (though, granted, not always) isolated from the corporate networks, and run either stripped-down OSes (e.g. embedded Windows or Linux for realtime systems) or custom kit”
I wondered about that. It seemed really unlikely that these systems were attached to the internet. I also find it odd that it’s assumed these attacks came from China or Russia and then reported as a given.
But the thing that scares me the most about the article is that the director of the Cyber Consequences Unit is called Borg.
“Also I am a computer programmer (not formally), how many of us are on here?”
Apparently quite a few of *us*.
To answer the original question: No I don’t think anyone would respond as emotionally as they did to 9/11 – until, and unless, people started dying in droves.
A more relevant comparison than Y2K might be Katrina. As numsix points out we survived the most recent NE black-out. But that only lasted a few hours. A fairly localized failure spread quickly and inconvenienced a lot of people. Actual damage was limited though and the time it took to recover was more due to the need to stabilize the system before the various parts could be re-connected.
What would happen if the power was out in NYC for weeks? In the summer?! The casualties from that would definitely get people worked up.
A cleverly written piece of malware embedded in the systems that control the grid could theoretically induce a cascading series of failures that deliberately overload the transmission infrastructure. The industry only holds enough spares to handle normal wear and tear. If you could take out even 50% of the transformers around NYC it would take months to replace them. The software would take a great deal of inside knowledge to create though. And you’d probably need a different version for each power authority. A lot of effort.
So, as Protesilaus says, the malicious software in this case is probably just sending out spam. In fact it would probably be easier to bring down the ‘net by simply overloading it with spam than to bring down the grid using malware.
Mike the Other Programmer
Disclaimer: I’m a programmer, but I am absolutely not an authority on large-scale international network security. So, grain of salt and all that.
While I have no doubt there’s such malicious code lying around, my guess is that it’s from varied attackers with sundry goals, and any sort of coordinated takedown would require a singular effort with A) knowledge of all these vulnerabilities, B) the expertise to exploit all these vulnerabilities, and C) enough people cooperating to pull it off.
Also, the article seemed to indicate that as of yet these little bugs haven’t really been exploited yet at all — I would think if you’re planning something really big, you’d want to test things out here and there to get a feel for just how much shit you can pile on the sandwich, how fast it works, what kind of backup systems would get in your way. But then I’m not a megalomaniac*.
Not that it’s impossible, of course; I seem to recall an incident a few years back involving trained pilots flying planes into buildings, and that seemed pretty bloody unlikely, too.
(*) Not on Thursdays, anyway.
autotroph said : “Additionally, those management systems are typically … isolated from the corporate networks…”
The problem being that they’re, almost certainly, *not* physically isolated. If a physical connection exists then a hack is possible.
Mike the Still A Programmer
As Autotroph stated, the power grid is hardware. It ran pre-computure age on the same hardware/transmission rout. Billing would be messed up. In the NE black out I had power back in about two hours, some places in days. (Why generate and export Hydro in my city)
I wasn’t thinking about emergency services that may not have back up power. If you are emergency service you shouold be required to have back up power (Unfortunatly that would be a perfect world)
Any other older pople here remember an 80’s news program that went on about hackers? It had the self proclaimed originator of phreaking (sp?) and some ‘guys’ claiming “If I don’t make a phone call this county (USA) will grind to a halt”?
Sounded scary, never happened. I am desensitized to doom in the news. Too much all bull droppings.
To answer the question though:
Due to ice storms etc. I can handle a few weeks no power; harder, but doable in winter.
Not a programmer, tech.
FUD used to gain funding or grab power. Might be more real if we ever have a “smart grid”.
@NoAstronomer: actually, most control segments that aren’t electrically andlogically separated from Internet-connected machines are controlling things like one grid being able to sell power to another grid.
Control systems that could be used to cause actual, real damage (say, by altering control circuit configurations) are typically networked only as monitoring functions. They usually require physical interaction to alter.
I’m sure there are specific cases where someone was lazy, but I doubt this is as big a deal as the media is making of it. Still, I don’t have insider information, so it’s possible I’m wrong. We simply don’t have enough evidence to know for sure.
@numsix: well put. Core systems grids just aren’t as fragile as the movies and media would have you believe. All this stuff can be operated by manual control, and there’s very little real damage that can be done to the infrastructure itself via hacking some PCs.
The reason the “cybercops” (dumb name) are all in a tizzy is that malware and other attacks might be useful to temporarily cause power outages that could be used to amplify an attack or distract from other activities. It’s a security risk, but not a “OMG, the grid will be off for WEEKS” kind of thing.
Besides, doesn’t anyone realize how easy it is to build a generator? Not to mention how many backups emergency services have?
Believe it or not, this world could function perfectly well for quite a while without a single computer running; it just wouldn’t be as efficient or convenient.
Ahhh, yet another round of media BAWWWW about ‘evil hackers’ and doomsday scenarios swallowed whole by journalists who grew up watching too many Hollywood ‘hacker’ movies…
I guess some things never change.
I agree with Autotroph (great name and pic, by the way) and:
I’m not, nor have I ever been, a Computer Programmer.
Sorry, I tried, but it sort of loses impact a bit at the end there…
To begin with, it’s frankly not all that surprising that malware of this sort has found itself in some pretty high places. There is just too much code written in too many corners of the world and most by people with zero conception of what good security entails for someone to not drop in a couple kits for grins. So my first reaction tends towards “about time.”
However, as has been hinted at above, if the lines are still in place, the generators have coal, and the roads are clear for trucks to provide emergency services, there’s really not much in the way of true apocalyptic action to be had, as near as I can reason (which might not be far enough ;-). Couple that with the degree to which power systems are regionally segregated, and the questions of what, if these attacks were made by state actors, would be gained by turning off the lights in some state for a couple days, and it seems to me that the fearmongering is simply continuing.
As for the scale of my reactions, my first ten minutes would certainly not be as concerned. Fireballs represent tangible danger in a way that no amount of reasoned analysis can-at least at first. If it did become apparent that, against the odds, a Hollywood-esque total network meltdown was in play, I suspect I might be able to wrangle up the appropriate amount of concern.
@Steve: You picked up on the Borg connection, too, eh? ;-) Perhaps ‘Resistance is Futile?’
@Masala: I’ve thought hard about possible threats to our logistics chains, too, though I’m not on any medications like synthroid or insulin that would be an immediate problem for me. I think that most disruptions would be temporary and used to cause confusion and distraction from something else – like an attack somewhere else.
I do know from my current position that the military has ‘work arounds’ if the computer-driven medical logistics system were to fail. (No secret, that.) I’m not sure what would happen on the civilian side. Here’s hoping that our response (if ever needed) is better than the repsonse to Katrina…
If anyone wants an opinion on this topic from someone who actually knows a thing or two, Bruce Schneier wrote a paragraph or two about it here
I’m definitely on the “What code?” side of the argument.
It’s been a while since I actually looked into “real” power; but we did lose a very talented, young, power conversion engineer to the “big” power grids.
Why she dosen’t miss us? (According to her) NO SOFTWARE!!!
(Apparently, we get no love…but that jives with my memory of the “state of the art” for citys and whatnot).
Well, our loss is a gain for Texas. (That’s were she moved, once she found the right job).
Based on all that, I seriously am not going to lose any sleep about my power grid, except that they need to be many more and Solar powered.
rod
Let me go into Cassandra mode for just a second here (meaning that I’m going to be all oracular, and likely right, and few people will believe me).
I have considered the possibilities of disaster/civil war/disruption of communications, and my observation is that the reactionaries/fundamentalists/terrorists (aka right-wing authoritarians, or RWAs) tend to understand technology (much like they understand everything) in very simplistic terms, ignoring the larger implications of complex systems. It would not surprise me to learn that enemies of reason had planted various time bombs or booby traps in widely used computer code. This is not a difficult thing to do.
At the same time, the RWAs tend to be highly dependent on technology, and use it in naive ways. I think that if it came down to it, the RWAs could manage some temporary disruptions that would be easily fixed by rational people with the requisite knowledge. But at the same time, creative problem solvers (who tend to be absent among the RWA population) would a) find nontechnical workarounds to pursue their own means, and b) could disrupt RWA uses of technology in ways that they could neither anticipate nor easily circumvent.
People who view technology in terms of lines of code and the movement of electrons are easy to work around. People who view technology in terms of culture, society, and humanity are damn near invincible. I think that’s us.
I work at the control room of a major electrical transmission system operator, where I have been responsible for several years for the systems which DO control the electrical grid. For obvious reasons I will not describe security vulnerabilities. They are however physically separate from corporate LANs and internet access.
Aristothenes’ (and others’) assertion that grids are not vulnerable to this kind of attack, ‘provided there is coal at the stations, etc.’ is untrue: without visibility and control of the power system, operations will fail rapidly and supply be lost.
The cybersecurity of electrical control systems needs to be (and is) taken very seriously.
Accidentally deleted about three or four large paragraphs of response.
Ugh!!
Here we go again:
I was reading this article on the website of our spam-software, and to me this seems like the worst that can happen as far as infecting genuine software installer files.
The sad truth however, is that pretty much every virus nowadays, seems designed to either make your computer send spam, make your webbrowser open up spam webpages or pop-ups, or harvest your addressbook for e-mail addresses to send spam.
So from the sound of it, the worst that would have happened was that the power-grid employees would not have been able to view their daily dose of dilbert cartoons, but instead would have gotten some ominous looking web-page that supposedly just scanned their entire system and found more viruses and spyware than they could have downloaded in 6 months even if they’d tried on purpose.
Nothing that’s going to cause a nationwide blackout for sure …
What’s more, it seems that in order for a virus to do something like that, it would first somehow be able to physically make contact with the systems that operate it, if it manages that, it would have to have been pre-programmed with all the necessary code to disrupt the proprietary operations software. The only way for that to occur is for someone to have detailed knowledge of not only the workings of the system, but also of the code.
In other words, one of the programmers would’ve had to turn terrorist and find a way to make a virus not only change his bit of code, but also parts made by his co-workers. And then he’d have to make sure the virus somehow managed to specifically find its way onto the right company’s network in order to actually do what it’s supposed to do.
And if you somehow managed that, your code itself would actually have to do what it’s programmed to do, or the software would just crash, possibly leaving “the power grid” happily running unbothered, just momentarily not being monitored and influenced by the controller software.
It would be easier to crash a truck through the gate and flip the on/off switch inside a heavily guarded compound somewhere.
Um – who needs some sort of shady “code”, when you can just cut the cables?
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/04/09/BAP816VTE6.DTL
Well I’ll be dipped. I guess I should’ve asked if you guys thought the news story had any merit, because that’s pretty much the line along which the comments have run.
Don’t get me wrong, this is a fascinating discussion. All of you clearly know a lot about computer programming, and BillC even has inside experience at a power station control room. But I was actually looking to discuss the psychology of enduring immediate trauma, like a hypothetical suicide bomber attack, as opposed to a hypothetical infrastructure attack, where the damage and casualties would pile up more slowly.
Still, you all have kept the discussion on a more skeptical level, and I have to give it up to you for that. You are better skeptics than I.
Why spend all that time on computer code. It only took a small tree branch in Ohio to black out the Northeast. Hell of alot cheaper and easier when all you have to do is throw sticks.
http://www.theonion.com/content/amvo/nations_power_grid_hacked
Sam, BillC *writes* that he works in a power station control room. Come on, this is the internet. Maybe he (she?) does, maybe not. I will claim here not to work in a power station control room. I don’t see anything in the posting that confirms for me whether BillC’s claim is correct or not; how could I, with little knowledge? No offense, BillC; I am not specifically calling you out as a preveracator. On the other hand, to write that we have inside info from a power station control room goes beyond the available evidence.
As far as the topic, I hope that what BillC writes is in fact correct. I would hope, though I don’t have any personal knowledge, that power distribution control systems are not connected to the internet. That seems to be too stupid to survive corporate overview. I am responsible for a tiny bit of lab equipment and strictly refuse to have it networked. Even so, I can’t keep folks from connecting external drives (USB thumb drives) that may have been connected to networked computers. And that is only a piece of lab equipment, not a national asset.
@FinnMcR: “I am responsible for a tiny bit of lab equipment and strictly refuse to have it networked. Even so, I can’t keep folks from connecting external drives (USB thumb drives) that may have been connected to networked computers. And that is only a piece of lab equipment, not a national asset.”
I hate to disagree with you, but I work on an Army base and all PC USB ports are disabled except for the mouse, keyboard, etc. We have to get special permission from our Directorate of Information Managment (DOIM) to have any other device connected to our PC’s. It has to be “turned on” from the DOIM side, so putting a non-approved device on a PC here is useless.
So, yes, you can stop people from using USB devices like thumb drives, if you want to badly enough. It’s a major PIA, but it has stopped many of the viruses and worms.
Thanks, QuestionAuthority. I did not even know that that was possible. I’ll try to find out more from our IT folks about that. I don’t really worry about someone trying to hack into the equipment on purpose and, as I mentioned it is not connected to our network. But still, we have some folks who are too smart for their own good with access to the equipment and I really don’t want to put in the call that something has gone wrong with the system. Thanks.