Tuesday, May 27, 2008

The power grid? Why would hackers want to mess with that?

Interesting story by Andy Greenberg at Forbes.com on a few folks who are uncomfortable that the US power grid is hackable, and that neither DHS nor the power industry seem to be working very hard to improve its security.
Last June, the Department of Homeland Security leaked a video documenting a disturbing experiment. Using only digital means, researchers hacked into a power plant's generator and caused it to cough and shake before shutting down in a cloud of black smoke.

That clip, demonstrating what has since become known as the Aurora vulnerability, served as a wake-up call for regulators, highlighting the need to guard against cyber-security threats to critical infrastructure like power plants and the telecom system. But at a hearing Wednesday, members of the House Committee on Homeland Security warned that those regulatory bodies aren't moving fast enough.

"I think we could search far and wide and not find a more disorganized response to a national security issue of this import," said Rep. James Langevin (D-R.I.), chairman of the Subcommittee on Emerging Threats, Cybersecurity and Science and Technology...

The subcommittee hearing also highlighted a new example: a report by the Government Accounting Office released Wednesday reveals a litany of cyber-security vulnerabilities in the systems of Tennessee Valley Authority, the nation's largest public power company. The GAO report said that that TVA had failed to implement simple security measures like updated firewall and anti-virus software. Many access points to the company's network lacked password protection, and some insecure systems connected to TVA's systems for controlling power generation, GAO director of information security Greg Wilshusen told the subcommittee.
Meanwhile, the states are chafing under pressure from the federal government to do more to protect their roads from improvised explosive devices (IEDs)...

Updated to add: Meanwhile, in Russia...

Labels: , , ,


Post a Comment