View Single Post
Old 08-14-2003, 01:59 PM   #17 (permalink)
stazen
Addict
 
Location: SoCal
I wouldn't be so quick to discount the possibility that this was caused by a terrorist attack -
<a href="http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/vulnerable/grid.html">frontline: cyber war!: vulnerabilities: the power grid?</a>

In a potential cyber attack on the U.S., there are experts who believe one of the targets could be the country's electric power grid. By exploiting vulnerabilities in the control systems utility companies use to remotely monitor and manage their operations, U.S. cities could be blacked out for extended periods of time.

...

When we go after an electrical power system, electrical power provider for the critical infrastructures, we always penetrate that system. And we do that in a number of ways: through social engineering, through cyber means. What this points out is that there are a number of vulnerabilities that exist for a certain level of adversary. This doesn't mean that there's no security or that we can penetrate with the simplest means. It just means as a sophisticated adversary, as a national lab, we are eventually able to get in.

The fact that we're able to penetrate these systems all the time is significant in that it shows that industry isn't able to apply security mechanisms to their critical infrastructures. This is for a couple of reasons. Number one, they don't have a business case to apply that security, and the awareness is being raised now where they're starting to realize that this may be important.

...

<b>Could your team, if you wanted to, take down the entire grid in the United States?</b>

The IDART red team could demonstrate numerous vulnerabilities and system effects against U.S. critical infrastructure that are scenario-dependent and adversary-dependent, and we do this so that we can help improve the systems so that they can't be taken down in the future and a cyber Pearl Harbor won't affect the U.S. infrastructures.


<b>But could you if you wanted to? </b>

I won't answer that question. ...
stazen is offline  
 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76