Announcement

Collapse
No announcement yet.

Don't make the power grid smart: IT COULD GET HACKED!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • streaker69
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Originally posted by Thorn View Post
    As an ancillary note to this: Due to his real life job, Streaker69 has been compiling a lot of SCADA hacking incidents and related information. As we all know, SCADA is going to be the linchpin of any smart grid. The one thing that Streaker has found is that due to the unique setup of every plant, SCADA hacking has always required two elements:
    • Detailed, insider knowledge of the plant involved.
    • A control program specific to the plant.
    I do agree with these points. But there is another issue that I don't think I mentioned to anyone yet.

    There has been a big push among SCADA vendors for 'webHMI' which of course a very bad idea. We had actually looked into it, and I had published my SCADA screens to it originally but have since taken it offline as I just don't trust their security related to it.

    Leave a comment:


  • Thorn
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Here's the full CIA statement:

    We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.
    The problem I have with that report is that it's big on generalities and very low on specifics. Now, I understand that the information is based on various sources that may or may not be trustworthy, and that the foreign governments involved may not wish to advertise the fact that their grid was hacked, but overall the statement doesn't really give any info that might be used to formulate an active defense of a smart power grid.

    As an ancillary note to this: Due to his real life job, Streaker69 has been compiling a lot of SCADA hacking incidents and related information. As we all know, SCADA is going to be the linchpin of any smart grid. The one thing that Streaker has found is that due to the unique setup of every plant, SCADA hacking has always required two elements:
    • Detailed, insider knowledge of the plant involved.
    • A control program specific to the plant.
    Last edited by Thorn; March 28, 2009, 11:21. Reason: Misspelling

    Leave a comment:


  • g3k_
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    According to the CIA, they've already been hacked:
    http://www.greenercomputing.com/blog...-electric-grid

    Leave a comment:


  • beakmyn
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Oh this could be very fun.
    http://www.youtube.com/watch?v=MtO6q3FPg8s

    Watching the video is kinda scary. The system, if fully integrated controls when and how you use your electricity. It can tell your thermostat to turn on/off. It set a quota of how many kwhr you're allowed. Worst case scenario, say an overzealous power company thinks your using too much power, they can control how much they let you have.


    They know not only know how much power you're using, but when you're using it.

    Gone are the old days of sticking a really big magnet on the meter to slow it down? Yes, some people actually did this.

    Leave a comment:


  • bascule
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Originally posted by YenTheFirst View Post
    it would be stupid to make the grid smart, <i>but not secure</i>.
    Step 1: Don't write it in C

    Leave a comment:


  • streaker69
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Originally posted by xor View Post
    Actually you have nothing to worry about .... I hear they are going to using Mac's.

    xor
    So they'll have it cracked in 10 seconds?

    Plus, just want I always wanted, an electric meter on my house with a pretty, completely useless UI.

    Leave a comment:


  • xor
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    Originally posted by YenTheFirst View Post
    I agree with your sentiment, but even the article doesn't suggest that. It states that many people are of the opinion that it would be stupid to make the grid smart, <i>but not secure</i>.

    And, frankly, I'd like to at least know that any upgrades they roll out won't get cracked in 3 weeks by some script kidde.

    seriously, it has to be 4 weeks at least.
    Actually you have nothing to worry about .... I hear they are going to using Mac's.

    xor
    Last edited by xor; March 21, 2009, 16:53.

    Leave a comment:


  • YenTheFirst
    replied
    Re: Don't make the power grid smart: IT COULD GET HACKED!

    I agree with your sentiment, but even the article doesn't suggest that. It states that many people are of the opinion that it would be stupid to make the grid smart, but not secure.

    And, frankly, I'd like to at least know that any upgrades they roll out won't get cracked in 3 weeks by some script kiddie.





    seriously, it has to be 4 weeks at least.
    Last edited by YenTheFirst; March 22, 2009, 00:53. Reason: Spelling and formatting errors. That's what I get for perusing slashdot, which uses plain 'ol html fer fermattin'.

    Leave a comment:


  • Don't make the power grid smart: IT COULD GET HACKED!

    http://edition.cnn.com/2009/TECH/03/...rss_topstories

    Yeahhh... screw automation, hackers could screw it all up!
Working...
X