

Story about spies penetrating grid may be part of a PR campaign - nebula
http://erratasec.blogspot.com/2009/04/has-power-grid-been-penetrated-by.html

======
madair
There's a whole lot of propaganda all around us, and the willingness of
newspapers and columnists to constantly grant anonymity to sources has turned
it from a valuable tool for sunlight on public affairs into a valuable tool
for any stakeholder with a telephone.

~~~
eli
But there is a flip side. Let's assume for a moment that this is a true story
and that the military did not authorize its release. In that situation, an
anonymous source is pretty much the only way to get the story -- unless
someone is willing to ruin their career (or worse) over it.

------
paulhart
As I mentioned in a comment earlier today, I have some experience in this
field.

Yes, the ISOs (Independent System Operators) have Internet presences. Yes,
they can send out dispatch signals to the generators over the Internet. Yes,
the generators can access an extranet to find out what their current dispatch
should be.

Security (in the environment I'm most familiar with) is provided using well-
known standards (SSL certificates on both the server and the client). I'm sure
there are ways to spoof, but I'm not an expert at those things.

I have ideas on how to create a bad day for the grid, but I don't think it
would be wise for me to share them ;)

~~~
redcap
As mentioned below, why on earth are these systems (still) connected to the
Internet at all?

Sure someone might have though it was a good idea, but surely someone has got
to have pointed out just what a dumbfuck idea that is?

~~~
jibiki
More or less...

<http://xkcd.com/463/>

------
miked
The big question: why on earth are the shutdown systems (or any others)
connected to the Interwebs? How on earth could the risks of that justify
whatever benefits there might be? Governments are stupid about all things
except increasing their power and control, so it could be true. But I'm still
skeptical.

Does anyone know why these systems would be online and what benefits would be
large enough to justify this?

------
noss
Reminds me of pg's article on PR campaigns:
<http://www.paulgraham.com/submarine.html>

------
josefresco
If it's all lies, what's the motive? Politicians/government officials don't
usually lie without some sort of expectation of benefit.

~~~
cscott
There is a significant momentum building for stronger executive control over
Internet connectivity to private-sector networks that are designated as
"critical infrastructure."

The proposed CyberSecurity Act of 2009 would allow the president to designate
a private network (such as a SCADA system) as critical, and in the case of a
declared emergency, shut it off from the Internet.

As you can imagine, there is resistance to this from multiple parties,
including those industries who fear additional government regulation and also
privacy and anti-censorship advocates who fear "scope creep" in the
legislation.

~~~
euroclydon
How would they send the shut-off signal? Over the internet?

~~~
cscott
Executive orders to impacted entities would involve a much more formal chain
of command and control than a direct kill switch from White House.

------
Ardit20
When I was reading the article yesterday I wondered why are they telling us
that the grid has been hacked. I thought this is not news at all, I mean what
can we do about it. And how do they know that it was Chinese and Russians? I
am sure any nation would like to know how the advanced grid works.

------
TweedHeads
Do they already have a switch to shut-off the power grid?, telephones? regular
mail? newspapers?

So why the internet? What's the threat?

Or is it about money? how so?

