Friday, February 3, 2012

Power-Grid Cyber Attack Seen Leaving Millions in Dark for Months....

Power-Grid Cyber Attack Seen Leaving Millions in Dark for Months....
By Brian Wingfield

A blackout that swept parts of North America in August 2003, leaving 50 million people in the dark for as long as four days, provides a glimpse of the havoc a cyber attack could inflict on the nation’s power grid...

Mike Rivero's comment on this:

Of course, the 2003 blackout was not caused by a cyber attack, but a cyber attack makes a great cover story for a national power grid that has decayed to the point of collapse, along with nuclear reactors that have reached the end of their useful lives and are also facing "involuntary shutdowns" (as just happened in San Onofre). Or, a cyber blackout may be the much-ballyhooed false-flag attack to be blamed on Iran. If Israel's Stuxnet virus made it all the way to Fukushima then it is a given it is all over the United States by now. So, yank the power, blame Iran for it, keep the power off so that the bloggers cannot call attention to the obvious falsehoods being shouted through the battery operated radios and TVs, and kick off the next war for Israel that way!


And Jim Stone and James McCanney are also suspicious that TPTB might try to do something w/the power grid too (blame it on someone/something else, use as means of control, like they did w/electricity and the people in iraq, Cyprus and Lebanon....)....LOL

A blackout that swept parts of North America in August 2003, leaving 50 million people in the dark for as long as four days, provides a glimpse of the havoc a cyber attack could inflict on the nation’s power grid.

Internet-based terrorists would be capable of causing blackouts “on the order of nine to 18 months” by disabling critical systems such as transformers, said Joe Weiss, managing director of Applied Control Solutions LLC, a Cupertino, California-based security consulting company.

“The dollars are incalculable,” Weiss said in a phone interview. The 2003 event, triggered when a power line touched tree branches in Ohio, caused losses of as much as $10 billion, according to a study by the U.S. and Canadian governments.

Energy companies including utilities would have to increase their investment in computer security more than seven-fold to reach an ideal level of protection, according to a survey done for Bloomberg Government by the Ponemon Institute LLC, a data- security research firm based in Traverse City, Michigan.

Electric utilities fail to recognize the risk because, unlike banks and telecommunications companies, they aren’t prime targets for Internet theft or espionage, said James Lewis, technology program director at the Center for Strategic & International Studies in Washington. Yet “if there was a cyber attack, the electrical grid would be target number one” for terrorists, he said.

“There’s some percentage of utilities out there that just don’t take this seriously,” Lewis said.

Security Spending

The Bloomberg survey of network managers at 21 energy companies including 14 utilities found the companies spend an average of $45.8 million a year on computer security and are able to prevent 69 percent of known cyber strikes against their systems.

Over the next 12 to 18 months, the companies estimated they could increase annual spending to an average $69.3 million and be able to avert 88 percent of attacks. It would take an average annual budget of $344.6 million per company to stop 95 percent of the threats, the survey found.

That sum exceeds the $277 million in profit that Atlanta- based Southern Co. (SO), the largest U.S. utility by market capitalization, reported for the fourth quarter of 2011.

Bloomberg also surveyed other fields -- including telecommunications, financial services and health care -- and found that technology managers in 124 companies and 48 government agencies said they could double their spending on cybersecurity, and still their networks would remain vulnerable. All of the companies surveyed employ at least 10,000 workers.

Companies Surveyed

The energy companies surveyed anonymously included eight private utilities, six public utilities, four oil and gas exploration and production companies, and three pipeline and retail businesses.

The four largest U.S. utilities by market capitalization declined to release information on their cybersecurity spending when contacted by Bloomberg News. They are Southern; Dominion Resources Inc. of Richmond, Virginia; Duke Energy Corp. of Charlotte, North Carolina; and Exelon Corp. of Chicago.

Congress is considering legislation that may include increased government sharing of information, as well as tax and insurance benefits for companies that implement certain cybersecurity controls.

Setting Priorities

“Regardless of how much money we spend, it is simply not possible to eliminate all risk,” James Fama, vice president for energy delivery at the Edison Electric Institute, said in an e- mail. “Utilities have to make choices and set priorities concerning investments.”

The Washington-based industry group, whose members include Duke Energy Corp. and Consolidated Edison Inc., wants more senior executives at utilities to have top-secret security clearance so they can get better intelligence on cyber threats.

Energy Secretary Steven Chu announced an initiative Jan. 5 aimed at helping utilities and grid operators identify weaknesses in their cyberdefenses and devise research and investments to eliminate them. The Energy Department plans workshops with utilities this year to come up with a set of best practices for the industry.

Information Sharing

American Electric Power Co. (AEP) of Columbus, Ohio, received $75 million from the 2009 stimulus law and is working with 15 unnamed utilities to share cyber-threat information learned using software developed by Lockheed Martin Corp. (LMT)

While no major cyber attacks on the U.S. electric grid have been reported, Russia and China have “probed the electrical grid to find vulnerabilities to exploit if they needed to attack it,” Lewis said, citing the National Security Agency. “The risk is that the attack capabilities are spreading, and countries like Iran and North Korea, along with jihadis and anarchists, will eventually be able to attack.”

Power companies have become more exposed to hackers and cyber terrorists as they replace older equipment with digital devices and the electrical grid becomes more interconnected through the Internet.

“In almost every case, a control system is connected to the Internet and it’s vulnerable to being hacked,” said Lewis.

Utilities are investing in technologies designed to give their customers greater control over their energy use, such as the ability to use a cell phone to set the air conditioning level at home. As computer links create the so-called “smart grid,” power companies will need to spend about $3.7 billion between now and 2030 on protection from cyber threats, according to a 2011 study by the Electric Power Research Institute of Palo Alto, California.

Industrial Controls

Power-grid security is “both a hardware and a software issue,” because hackers can use viruses to make industrial control programs go haywire and damage critical equipment such as transformers, Roger Cressey, senior vice president at Booz Allen Hamilton Holding Corp., a McLean, Virginia-based consulting firm, said in an interview.

If hardware is attacked “the concern is we don’t have enough replacements in supply to switch them out,” he said.

The Stuxnet computer worm, which attacks software sold by Munich-based Siemens AG (SIE), is an example of a virus that can overtake a power plant’s industrial control systems. Almost 60 percent of Stuxnet-infected computers were in Iran, where officials said systems used to enrich uranium were the targets.

Isolating Computers

The North American Electric Reliability Corp. has instructed power companies to isolate computers to prevent a hacker attack from triggering a widespread blackout, said Gerry Cauley, chief executive officer of the Atlanta-based organization that develops standards for the nation’s utilities.

The Federal Energy Regulatory Commission reviews NERC’s cybersecurity standards for approval, and utilities can be fined as much as $1 million a day for violations. The process for approving reliability standards can take years, according to FERC Commissioner John Norris.

“That’s not in my mind an adequate mechanism for addressing an imminent threat,” he said in an interview.

Cybersecurity legislation should allow FERC to issue emergency orders to protect the grid and give the agency the authority to respond to a threat before an incident occurs, Joseph McClelland, the commission’s electric reliability director, told a congressional panel May 31.

Government can help utilities prioritize cybersecurity investments by keeping them apprised of threats, Fama said.

“While we spend significant money and resources to provide reliable service, we also have to accomplish this at a reasonable cost,” he said in an e-mail.

"Hugh Pickens writes writes "BBC recently asked physicist and Cambridge University professor Dave Ansell to draw up a balance sheet of the mass that's coming in to the earth, and the mass going out to find out if the earth is gaining or losing mass. By far the biggest contributor to the world's mass is the 40,000 tonnes of dust that is falling from space to Earth every year. 'The Earth is acting like a giant vacuum cleaner powered by gravity in space, pulling in particles of dust,' says Dr. Chris Smith. Another factor increasing the earth's mass is global warming which adds about 160 tonnes a year because as the temperature of the Earth goes up, energy is added to the system, so the mass must go up. On the minus side, at the very center of the Earth, within the inner core, there exists a sphere of uranium five mile in diameter which acts as a natural nuclear reactor so these nuclear reactions cause a loss of mass of about 16 tonnes per year." (Read more, below.)
Pickens continues: "What about launching rockets and satellites into space, like Phobos-Grunt? Smith discounts this as the mass is negligible and most of it will fall back down to Earth again anyway. But by far the biggest factor in earth's weight loss are the 95,000 tonnes of hydrogen that escape from the atmosphere every year. 'The other very light gas this is happening to is helium and there is much less of that around, so it's about 1,600 tonnes a year of helium that we lose.' Taking all the factors into account, Smith reckons the Earth is getting about 50,000 tonnes lighter a year, which is just less than half the gross weight of the Costa Concordia, the Italian cruise liner that recently ran aground."" The above from slashdot....

No comments:

Post a Comment