Spies Penetrated USA's Electrical Grid, say NatSec Officials
The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war. "The Chinese have attempted to map our infrastructure, such as the electrical grid," said a senior intelligence official. "So have the Russians."
Our sewage systems? Oh no, not the dreaded rain of communist poo! Anyway: FUD or legitimate fear? Hash it out in the comments. Electricity Grid in U.S. Penetrated By Spies (Wall Street Journal via @oxbloodruffin)
The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year."
Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.
Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, "If we go to war with them, they will try to turn them on." Officials said water, sewage and other infrastructure systems also were at risk.


I think that the possibility that someone could shut off major portions of our grid is a VERY frightening concept. Just last week Boing Boing ran a story about the possibility of a solar flare disrupting or destroying large portions of our electrical grid. That entire article had a sense of *DOOM*. Now we find out that there are people who can start shutting things down or hijacking systems, we don't know who they are, and that ISN'T a reason for concern?
Yes, this is most likely the work of a foreign power as a "just in case" measure....but that doesn't comfort me any.
rebuild the grid
Yeah, our sewage systems: those insignificant sanitation mechanisms, the sole purpose of which is to create living conditions as disease-free as possible for citizens, particularly in populous areas. Who needs those?
Wasn't this the main premise behind "Live Free or Die Hard"?
Skynet will protect us!
Comments seem REALLY screwy.
If we keep borrowing money from China, and don't pay them back, can they just turn off our electricity?
China is going to defeat us without ever firing a single bullet. They practically own us already. At the rate we are going, we will no longer have any manufacturing jobs. Wal-Mart will keep forcing companies to move to China, and we will keep shopping there because it will be the only store open that anyone can afford to buy anything at, because they sent all of our factory jobs away.
No surprise here. The USA needs to manufacture threats so people won't mind handing over half their tax money going to the military industrial complex ... the USA's total expenditure exceeds the rest of the world combined.
We don't add that the US military has penetrated the electric grids of other nations.
Why not? That's not scary.
the money that should have gone to re-building infrastructure was spent on things like Lockheed and the F-22 SkyLemon.
Why are critical infrastructure computer systems connected to the internet anyway?
I always wonder the same as #9. Why are critical networks connected to the internet? Why can't it be its own network?
As for this report, isn't it stating the obvious? Countries have mapped each other's infrastructure for years to gain any advantage during wars. China, Russia do it to US, US does it to them.
Right. Do you think we haven't "mapped" their "infrastructures"? Oh no, the US is too ethical for that.
You might as well go open source with everything at this point.
most of the grid could be knocked down with a handful of agents with minimal kit by hitting choke points. It's not physically defensible. There's too much of it.
remember the Farewell Dossier?
http://www.msnbc.msn.com/id/4394002
At #9 and # 10:
http://xkcd.com/463/
I think it's FUD. They are probably aggregating all probes to any system related to a utility, and not actually taking into consideration if the control systems are reachable via a network that is externally accessible (internet or not).
I think they intentionally leave this vague and probably have very little idea of what they are talking about. Most control software for utility stuff is very very archaic and text driven or some kind of real time OS. It requires a tremendous amount of documentation to use, of both the system and of the configuration it's controlling. Even an electrical engineer would have a hard time taking down a grid without very complete documentation on what they are controlling.
Everyone else has already said it, but briefly:
- don't connect essential-services to the internet if you're actually concerned about security as opposed to FUD
- know that most remote administration type virii are written and run by (kids, mostly) who just want credit card numbers
When Enron disrupts the electrical grid, it's the genius of capitalism. When another country does it, it's espionage.
clearly, what is needed is for the TSA to expand its mandate and have security personnel standing by each data line entering critical infra-structure controls. They can interrogate each packet or impulse entering and ferret out the evil-doers. Armed with a list of penetrating questions to shout out at the cable, they can do at least as good a job as they do at the airports.
Today in Rochester, NY power companies were reporting "disruptions" and "grid problems." I don't know if I believe it was spies or the US government themselves.
"NatSec" huh? I'm as worried by Orwellian language like that as I am by grid warfare.
When they target the sewage system we are all in deep shit.
Wonder if it was the same "russians" that compromised the Diebold software?
Shall we play a game professor Falken?
This is why we need peer-to-peer power generation and storage.
Wired shares my skepticism about this - from Threat Level
http://blog.wired.com/27bstroke6/2009/04/put-nsa-in-char.html
Wow, Who'd a thunk it? We're as secure as a wet paper bag.
Let's design a game where we can use New York's city blocks as pixels in a game of Space Invaders.
Control console to play it from...
The International Space Station.
Probably not even foreign governments doing it, just foreign corporations looking for an edge in their US investments.
SCADA systems are a double edged tool by their very existence. The same system that allows complete energy management enables complete havoc to be unleashed. Often by a simple software glitch. Absent any malice... As the systems get re-designed for a hostile attack in cyberspace in addition to electrical hostility like surges, lightning? Well- most of the former exploit weaknesses are already patched- were actually patched as parts of Y2K recodings in many unpublished cases. Security By Obscurity Vs no publication of closed software and systems is one depiction. If there's an area deserving "need to know" data limitations SCADA might top the short list of such. And there's a VERY damned good reason why. Several actually. The havoc potential being less fear driven than logic driven. IF the software is explicitly restricted to trained/authorized persons? It "lowers the chances" of some chuckleheaded stunts.
Like the same way we put the plastic caps in outlets to keep babies from sticking a metal object in them. Sadly needful, but it does anger our "information wants to be free" crowd. Which includes ME on most sane issues. But some data needs to be kept on the safe side of firewalls. If you disagree? It might deeply and truly suck to be trapped in an elevator etc. Trapped there because some clue deficient cretin nuked the grid control software. And yeah- peer review of security tends to improve security in any area where it's SAFE..
Yeah, light a candle. What really worries me will be when China starts to contemplate dumping all our treasury bills on the market. That in conjunction with cyber warfare (bruce willis style) will really screw our collective pooch!
Here's an interesting question...If shit really did go south and government services stopped, what would you do? Where would you go? How would you contact family/stay alive?
I would get a gun...first thing.
? China is terrified the American paper they hold will become worthless due to American profligacy.
"Dumping" American T-bills?
@ #6 suburbancowboy: I actually started saying that in the 1990's. I am very sad I lived to see this. I always hoped I was wrong.
Unfortunately I have a pretty good track record for predicting terrible things. I've been waiting for WWIII for quite some time now. Boy do I hope I am wrong about that one. If I'm right, then I hope it happens in the winter. It's warm down here where I live.
@ 23...
Forgive me if I'm wrong, I'm fairly ignorant in financial matters. As I understand it, China holds a large portion (900 billion) of our treasury bills. T-bills (from what I hear) play a role in contributing to the stability of our dollar. If China were to liquidate their holdings, it would lead to a depreciation in the value of the dollar would it not? Again, please be kind in your response... Please explain...
When Bush and his minions attempted to restart the dark ages by stopping medical research on stem cells and denying evolution (just for quick examples), he declared war on the intellectuals. Now the intellectuals have wandered off to work in other countries where intelligence is considered desirable and we find ourselves largely defenseless against them (too big, too far, too good at what they do). Now the nerds are in a position to slap the bully US around, what do you think is going to happen? While we fiddle with imaginary gold and US homes, the rest of the world senses our weakness and watches hungrily. Bush seriously weakened us as a nation and as an entity worthy of respect, Mr. Obama has his work cut out for him.
our power grid makes a wet paper bag seem secure... one charge placed anywhere along thousands of miles of open transmission lines would shut down major portions of it...
you have to understand that a power plant does not use its own power to power the plant... it uses power from another plant... so they are all daisy chained together... take one out and the whole chain comes crashing down...
My dad worked for one of the major west coast power co. and he always said "I can take out the whole grid with three hand grenade sized charges, and I can take all the time I want setting the charges!"
never rely on electric just being there... always have a back up... and if you're waiting to buy a gun... it's too late... the first thing that will not be available in a crisis is whatever you need to help you through it... be that a gun, a generator, or transportation...
I'm pretty sure that if you were to jump in the Wayback Machine and set the controls for 1985, you'd find that hackers and crackers and other home-grown archcriminals of that ilk were constantly warning that telcos and major industries and yes *gasp* even utilities had shit for security.
Many of those archcriminals are still around, some even blog, and no doubt they're shrugging and grinning to themselves.
..to skin a cat
http://news.bbc.co.uk/2/hi/asia-pacific/7993625.stm
From what I understand about the electrical grid in the US, and in most other developed nations, you don't need special software or spies to take it down.
A lot of our critical power pathways run through equipment for which there is no hot spare... and certainly not enough hot spares if a bunch were taken out at once. Old equipment, even equipment that they don't have any spares for, that has to be maintained by hand rather than replaced because there's nothing to replace it with.
It's really just a disaster waiting to happen. But of course they won't talk about that, to get funding for upgrading the machinery.
FWIW: the words I got for the captcha (stupid, horrible, ineffective thing that it is)... "payoff least." Apropos.
heh!
http://www.pcworld.com/article/162912/china_denies_cyberattacks_on_us_power_grid.html
Hello. I'm Russian.
It wasn't me. Honestly :)
2 B serious. I guess it seems to be really big problem. There is one more reason for straight confrontation for our countries. It's a bad sign. You've got Energy Grid attack, we've got Georgia-Ukraine NATO-threat... It's not good.
Sorry for my English and mistakes if any.
And what do American spies do? That other countries have contingency plans in case of war against the US is not surprising, especially when the Americans do the same. This isn't news.
But the fact that Americans think this is news, *is* news.
"contingency plan" is a plan, an actual act is an act. There is a difference, the latter is war.