Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
Security United States Power

DHS To Review Report On US Power Grid Vulnerability 138

Posted by kdawson
from the like-dominos dept.
CWmike writes "The US Department of Homeland Security is looking at a report by a research scientist in China that shows how a well-placed attack against a small power subnetwork could trigger a cascading failure of the entire West Coast power grid. Jian-Wei Wang, a network analyst at China's Dalian University of Technology, used publicly available information to model how the West Coast grid and its component subnetworks are connected. Wang and another colleague then investigated how a major outage in one subnetwork would affect adjacent subnetworks. New Scientist magazine reported on this a week or so ago, and the paper has been available since the spring."
This discussion has been archived. No new comments can be posted.

DHS To Review Report On US Power Grid Vulnerability

Comments Filter:
  • To that new-fangled interweb.

    Simple.

    Why they are, is question simply answered with "stupidity".

    Bye.
    • by Chirs (87576)

      Obviously you didn't read the article. They're talking about cascading failures due to the fact that they're connected via the electrical grid.

      Basically the same thing that happened some years back on the eastern seaboard, but on the west coast and triggered on purpose.

      • by Finallyjoined!!! (1158431) on Tuesday September 15, 2009 @02:00PM (#29429715)
        Obviously, you have not read TFA:

        News about Wang's research comes at a time when there are considerable concerns about the security of the U.S. power grid. In April, The Wall Street Journal, citing anonymous national security officials, reported that cyberspies from China, Russia and elsewhere had gained access to the U.S. electrical grid and had installed malware tools that could be used to shut down service. Though the access hasn't been used to disrupt service, the concern is that the malicious hackers could do so with relatively short notice during a time of crisis or war.

        What a prawn.

        • by spun (1352)

          Well, you're both right. The article IS talking about cascading power failures due to electrical grid connection, not Internet connection, while the part you quote backs up your... hey! Wait a second, it doesn't back up what you were saying AT ALL! Where does it say the 'cyberspies' gained access through the Internet?

        • Re: (Score:3, Insightful)

          by ParanoiaBOTS (903635)

          Obviously you didn't read the article. They're talking about cascading failures due to the fact that they're connected via the electrical grid. Basically the same thing that happened some years back on the eastern seaboard, but on the west coast and triggered on purpose.

          Obviously, you have not read TFA:

          News about Wang's research comes at a time when there are considerable concerns about the security of the U.S. power grid. In April, The Wall Street Journal, citing anonymous national security officials, reported that cyberspies from China, Russia and elsewhere had gained access to the U.S. electrical grid and had installed malware tools that could be used to shut down service. Though the access hasn't been used to disrupt service, the concern is that the malicious hackers could do so with relatively short notice during a time of crisis or war.

          What a prawn.

          Actually both you, and your parent post are correct. They are pointing out why the compromised grid is so concerning(aside from the obvious). Couple that malware with this knowledge and you can very effectively take out power for the west coast by targeting a very small subset of stations.
          What they are saying is that the outage like we had several years back can be triggered fairly easy, and even scarier, since we are compromised already, someone sitting at a computer could probably just turn off power

          • by geogob (569250) on Tuesday September 15, 2009 @02:42PM (#29430157)

            Everyone knows that you hack a power grid system with a modem, weird command line interfaces using pseudo-english commands and some fast random typing on a keyboard.

            • Re: (Score:2, Funny)

              by KraftDinner (1273626)

              Everyone knows that you hack a power grid system with a modem, weird command line interfaces using pseudo-english commands and some fast random typing on a keyboard.

              Don't forget about the swirling numbers and mathematical symbols in the background all the while you can see them flying through the file system.

            • by PitaBred (632671)
              And you hack the Gibson with viruses that look like happy-face ping-pong balls and the Cookie Monster and Pac Man. Duh.
            • Everyone knows that you hack a power grid system with a modem, weird command line interfaces using pseudo-english commands and some fast random typing on a keyboard.

              This is after you have driven your motorcycle off the adjacent roof and exploded the front enterance - knocked out the guards at the station and ran your fancy nmap commands to get the root passwords and then disable the power grids.

        • by Techman83 (949264)
          Prawn? [creativeloafing.com]
      • To lazy to look for citations - but this scenario was envisioned in Sci-fi literature long before the advent of the internet. And, in fact, I believe the north-east has experienced such a thing at least twice, probably more than that. Brown outs and black outs due to local overloads aren't a new concept at all, nor is the idea of cascading failures. All that I see here, is the idea of inducing one or more local overloads via the internet.

        Of course, there are any number of "experts" who claim that this is

      • by pilgrim23 (716938)
        one emp producing Nuke exploded 25k miles above Kansas. No worries what is connected to who, it all goes off. Tell me how a smart grid connection will prevent this scenario. Through the magic of Wikipedia: The worst effects of a Russian high altitude test occurred on 22 October 1962 (during the Cuban missile crisis), in âOperation Kâ(TM) (ABM System A proof tests) when a 300-kt missile-warhead detonated near Dzhezkazgan at 290-km altitude. The EMP fused 570 km of overhead telephone line with
        • by MrNaz (730548) *

          25k miles is so far away that you can't really say that it's "above Kansas", so much as "above everything". 25k miles is ~3 times the diameter of the Earth.

    • Re: (Score:3, Informative)

      If you connect your PLC to the Internet, it can email you when a problem arises. If you haven't coded responses to incoming email, it simply won't respond. I didn't see any incoming email commands on the PLCs I've worked on, but that doesn't mean they don't exist.

      So, you get error reporting and real-time data from your PLCs when you connect them to the Internet. Apparently that's stupid.

      The programming ports on the ones I've used are physically separate from the ones used for communication, and the function

      • by AB3A (192265) on Tuesday September 15, 2009 @04:11PM (#29431375) Homepage Journal

        Not so fast. See the first paper in this bunch [digitalbond.com]. The authors managed to hack a Koyo and AB PLC Ethernet interfaces. The AB Ethernet card had lots of useful stuff in it, including a symbol table. From the symbol table I saw many backplane calls that you could use to communicate with the PLC. How well do you trust a hacked Ethernet module on a PLC backplane?

        Having a physically separate port is nice, but it is no substitute for secure coding. If you think that coding is poorly secured in the PC world, you'll be shocked at what often gets done in embedded system coding.

        Some PLCs and Variable Frequency Drives have been noted for their inability to handle Denial of Service traffic. I've seen that demonstrated myself. This is the official cause of a reactor SCRAM at Browns Ferry a few years ago.

        Try a port scan of your PLC some time and tell me how many ports it responds to (DO THIS ON A TEST-BENCH --NOT PRODUCTION EQUIPMENT!). If you can identify everything that critter responds to, congratulations. If not, be afraid. Be VERY afraid. I've heard quite a few PLC models that have mysterious responses to ports where you wouldn't expect them to respond.

        Real Time embedded systems are not good candidates for direct internet exposure. They're too difficult to patch in a timely fashion. Often the windshield time alone is prohibitive. And if you have any notions of pushing patches to them remotely, remember, these things control some pretty high speed/high power processes. You don't just patch them. There are process and safety implications that you need to consider. This ain't some office application where you can say oops and restore from a backup. Real physical things will happen and real physical problems will be created that you can't clean up with a simple code reversion.

        Most of our infrastructure today has not been engineered with security issues in mind. There is still lots of Gee Whiz "Let's Share Data" synergy crap going on. This leads to all sorts of direct interconnections that aren't absolutely necessary. Many controls can be made over links that weren't intended for that purpose. It's not easy to split the data flows up any more because many organizations have been very profligate with their use of SCADA information and it isn't easy to find all the sources and sinks.

        I'd love to post data from a PLC directly to the public. But I just can't sleep at night with something like that waiting to screw things up.

        Good luck with your security, and I mean that quite sincerely.

      • by Loudog (9867)

        A combination of VPN access and firewalling does the trick. I've tested it with AB (EthernetIP) gear and it works fine. There are quite a few vendors that will sell you the parts, but they aren't the traditional ones (Omron, AB, etc,...) so most of the controls folks seem to ignore their existence. When it comes to control, go to them. If it's data security, Cisco, Juniper,...

  • Don't worry (Score:5, Interesting)

    by dedazo (737510) on Tuesday September 15, 2009 @01:53PM (#29429619) Journal

    The US power grid is so ancient, convoluted and in such a massive state of disrepair that we can be sure we're safe from terrorists. They wouldn't even know where to begin to find a point in the system that could be used to trigger a catastrophic cascading failure like the one in the East Coast a few years ago.

    Trees [wikipedia.org] on the other hand... trees are truly evil.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Linux is so ancient, convoluted and in such a massive state of disrepair that we can be sure we're safe from viruses. They wouldn't even know where to begin to find a point in the system that could be used to trigger a catastrophic cascading failure like the one that is the Linux OS itself.

      Fixed your typos there for ya.

    • Well, someone apparently has used publicly available information to find a weakness. Now that the door is open, who is stop a terrorist. With the grid being such a mess, won't it be that much harder to fix the problem if we did have an attack of this kind?
    • by Saliegh (1368127) on Tuesday September 15, 2009 @02:07PM (#29429807)
      Everyone knows that a small thermal exhaust port at the end of a long trench is the key to initiating a catastrophic cascading failure.
    • Re:Don't worry (Score:4, Insightful)

      by LoRdTAW (99712) on Tuesday September 15, 2009 @03:07PM (#29430393)

      Have you watched the History Channel special: The crumbling of America? Well if you did the "terrorists" have nothing to worry about, they just have to sit by and watch us fall apart.

      The roads are shot along with bridges. Sewer systems overloaded, water supplies in jeopardy, levies and dams in a state of serious disrepair. And an electrical grid that teeters on the edge of blacking out every day.

      Its wasn't all doom and gloom as its not too late. Th1ere are many technological advances to replace and update our infrastructure with better and longer lasting replacements. Problem is money, there is simply not enough to go around and in some cases there is no money at all.

      • by Ozric (30691)

        That is all propaganda....

        The "terrorists" watch and think, heck... They live in as big a shithole as us. We should stop hating them and feel sorry.

      • Re: (Score:3, Insightful)

        by sjames (1099)

        There IS money, but it's currently busy going up CEOs' noses.

    • Re: (Score:3, Interesting)

      by mikael (484)

      Back around 2000 there was a complete failure of the SF Bay Area power grid when a couple of engineers activated the grounding switches to a local area of the power line before decoupling it from the main grid.

    • You could say the same thing about the Western hegemony. Some terrorists are still naive enough to give a go though
    • by mcgrew (92797) *

      That's completely and utterly incorrect -- almost. Parts of the power grid must certainly be in disrepair, especially in places where the local power company is bad (an example is Amerin down in the St Louis area), but most of it is in good shape (an example is CWLP in Springfield, IL). If it were that easy to take down the power grid, it would happen every time there was a tornado anywhere.

      The US power grid is an ongoing construction project akin to the US interstate highway system. Some roads are brand ne

  • There are dozens of Power Engineers at utilities and govt agencies whose job has been, for the last fifty years or so, to run just these kinds of simulations.

    They do this all day, every day.

    The problem areas are pinpointed, and sometimes money is budgeted toward ameliorating the situations.

      Some problems can only be fixed by adding several billion dollar highlines, so those usually get postponed or ruled impractical.

    • The margins on all power grids are getting smaller.
      'Just in time'
      'Predicted demand' ...
      In the bad old days of monopoly providers, the monopoly would often reasonably plan the capacity, and built to some way in excess of this.

      With the market coming to shine its light on all these restrictive practices, a new way of looking at power grids has arisen.
      'What does upgrading the grid so to next years bottom line'.

      Clearly this is the better solution.

      • by jeffstar (134407)

        clearly you don't live in ontario where everybody gets an extra line on the monthly bill to help pay their part of the old bankrupt monopoly's debt.

        30 billion in debt against 10 billion in assets (http://www.electricityforum.com/news/jul03/hydrodebt.html).

        maybe they should have paid a bit more attention to the bottom line

        • Yes - monopolies don't do everything right.

          But the unfettered market in utilities, without strong requirements for infrastructure margins large enough to cope with multiple failures - is somewhat broken too.

          • by jeffstar (134407)

            i agree - while there is economic incentive for providing various types of operating reserve, these are meant to cover the failure of the single biggest unit and transmission line in the area and not growth in demand.

            The markets are meant to provide economic incentive for private investors to build power stations, but that means higher prices which makes governments look bad, energy companies look like thieves, and consumers angry.

            in ontario, when supply got tight the market operator would lower the reserve

      • You believe the monopolies ran adequate spinning reserve?

        You should look into the history of cascade failures (particularly in the NE interconnect) and realize which administrative model the system was running in at the time.

        All power pools that I am somewhat aware of (most of them, at a previous job I developed and maintained power trading and systems modeling software) have some mechanism for capacity power payments to keep the hydro and standby guys in business.

        The system routinely steps right to

  • The amazing thing (Score:5, Insightful)

    by guruevi (827432) <evi@smok[ ]cube.be ['ing' in gap]> on Tuesday September 15, 2009 @02:04PM (#29429763) Homepage

    The amazing thing is that nobody ever tried it or at least never succeeded. The US is apparently not that hated in the world since nobody ever does anything. We have hundreds of reports on how easy it would be to disable this or take that out of service. All it takes to black out the USA are some well placed charges or for somebody to hit a few poles hard enough but nobody does it. All we got was some measly hijacked plane (which has been done since the 70's) in a few buildings.

    • by oodaloop (1229816) on Tuesday September 15, 2009 @02:33PM (#29430071)

      All we got was some measly hijacked plane (which has been done since the 70's) in a few buildings.

      ...whose cost rose into the tens of billions and exacerbated our recession. It didn't topple our economy, which was their aim, but put a dent in it.

      • by hoggoth (414195) on Tuesday September 15, 2009 @03:19PM (#29430527) Journal

        > It didn't topple our economy, which was their aim, but put a dent in it.

        Yes it did. The cost of the buildings is negligible compared to our GNP. But the cost of the followup war in Afghanistan, war in Iraq, DHS, etc have toppled our already shaky economy. What's more their aim wasn't to topple our economy, it was to ruin our way of life. I'd say our descent into security theater, torture, surveillance and paranoia has gone a long way towards destroying our way of life. America the free?

        • by oodaloop (1229816)

          What's more their aim wasn't to topple our economy, it was to ruin our way of life.

          Well, Usama bin Laden said he intended to destroy our economy by taking out the twin towers. Khalied Sheikh Muhammad said the same thing when planning the Bojinka plot in 94. They thought those two towers were pivotal to our economy, for some reason. They've also said they will not stop until they have raised the flag of Islam over the White House. They could really care less about our way of life if we're still alive.

          Perhaps we overreacted as a nation, and you're entitled to your opinion. I am person

          • It's not a "tower takes out nation" movie plot. It's a "tower changes nation into crazy people who then waste massive amounts of money thus killing their economy which lets us invade them 50 years later when they have nothing to fight back with and are infighting more than we do" large-amount-of-long-term-strategy plot. You forgot that their entire strategy is to wait, always. They can wait for the economy to fall, as they have literally nothing that's time-sensitive in their society. They're still in the b

            • by oodaloop (1229816)

              It's not a "tower takes out nation" movie plot. It's a "tower changes nation into crazy people who then waste massive amounts of money thus killing their economy which lets us invade them 50 years later when they have nothing to fight back with and are infighting more than we do" large-amount-of-long-term-strategy plot.

              Aside from your vivid imagination, do you have any sources for that? Have you heard any Al Qaeda members say that? Because what they have explicitly said on multiple occasions is that they wanted to destroy our economy. If you have a source from Al Qaeda, post it.

          • Well, Usama bin Laden said

            I notice how you use the new post year 2000 coup d'etat spelling. God forbid you use the regular spelling, "Osama bin Laden", and find that the administrations of Big Bush and Reagan not only heavily financed and trained his whole group but also held that scum up as a "freedom fighter" and hero.

            The net, with the centralization of both sources and indexing/retrieval are making Revisionist history possible in ways barely even dreamed of by fascists, real or from literature.

            • by oodaloop (1229816)
              Spell it whatever way you like. When I was an intelligence analyst at JAC Molesworth in 1998, that's the way we spelled it, so I guess I was ahead of my time. DIA spelled it the other way at the time. Whatever. I've been tracking UBL, or OBL, for a few years now so I know stuff too. Thanks.

              BTW, the US did NOT knowingly finance UBL, though our money made it his way. That's also on the 'net in case you missed it.
            • by oodaloop (1229816)
              I know already replied to your drivel, but the more I thought about it the more it bothered me. Your first part about googling UBl vice OBL is just flat out wrong. If you google "Usama bin Laden", Osama bin Laden results come right up. The Wikipedia page is second on my list, with the OBL spelling up front and immediately after that the numerous variations of his name, UBL being first. So your whole post is really making mountains out of molehills, and you seem to think you know more about UBL than you
        • by dkf (304284) <donal.k.fellows@manchester.ac.uk> on Tuesday September 15, 2009 @05:20PM (#29432621) Homepage

          But the cost of the followup war in Afghanistan, war in Iraq, DHS, etc have toppled our already shaky economy.

          Actually, it was the collective stupidity of millions of people that did that. And yes, believing that house prices would always go up in real terms (or that you'd at least be able to guarantee to get out without burning yourself when they stopped) is most certainly stupidity. On the other hand, as long as everyone believed, it almost worked; the only problem was this inconvenient thing called reality...

        • by mcgrew (92797) *

          But the cost of the followup war in Afghanistan, war in Iraq, DHS, etc have toppled our already shaky economy

          No, an incompetent government whose leaders thought no regulation is good regulation and the war is good helped topple it (Iraq had nothing to do with 9-11), but the main reason was oil, just as oil caused the recession in the 1970s. When Bush took office gasoline was $1.05 per gallon in my town, before he left office (and the economy tanked) gasoline was over $4.50. Why do you think all those people

    • Would you mess with a house full of trigger happy rednecks? Hell no. That's why nobody has messed with this. It would be suicide.

    • by vlm (69642)

      The amazing thing is that nobody ever tried it or at least never succeeded.

      I wouldn't worry about a small terrorist conspiracy, or even the best efforts of a lone wolf.

      Believe it or not, a company-sized army of kamikaze terrorist squirrels and at least a division-sized army of terrorist trees has been trying to do this for literally over a century, and have won only minor short term battles and the nations EE-army has rapidly regained the lost territory.

      Add in all the drunk drivers crashing thru the fences, cropduster airplanes that fail to avoid the lines, it just seems unlikely.

    • Re:The amazing thing (Score:5, Interesting)

      by Ron Bennett (14590) on Tuesday September 15, 2009 @02:38PM (#29430127) Homepage

      People have tried blowing up / cutting high-tension power towers, but it seems that either they're stopped part way through their plan, or simply never follow-through (ie. cutting one or more of the tower supports, but failing to taking down the line).

      Very often attacks are attempted at night, but that's a bad time, since load is often low. One would need to wait until mid afternoon on a very high load day (even more ideally when some major lines are down for maintenance) - that takes advanced planning and good luck.

      Furthermore, cutting lines, alone, probably wouldn't be enough to cause a cascade. One would very likely need to bypass / overwhelm (ie. in the 2003 east coast black out some of the monitoring computers were unresponsive due to a worm going around) some of the safety systems, as well, for a cascade failure to occur.

      On a related note, detonating a nuclear device high in the atmosphere at the right location would likely do it, but that would be extremely challenging - more likely, a terrorist with a nuke, probably of very low yield, would most likely detonate it at ground level, which would minimize EMP effects.

      Ron

      • by Rich0 (548339)

        If you wanted to take out a substation/etc, wouldn't it make more sense to just shoot at the ceramic insulators with a rifle? Why on earth would you go sawing on the support beams for a tower? First, it takes a while. Second, you are right next to a metal tower that is about to have high-voltage lines fall onto it - at those levels that electricity will arc multiple feet through the air and turn you into a cinder. To shoot out an insulator you probably just need to be a good shot - you probably don't ne

      • Or you cut a lot of lines.

        You use public domain resources and a little research to work out which lines are under most stress.

        You get maybe 10 guys with vans and big catapults that throw copper wire over a high voltage line.

        You drive along the lines - with a plausible excuse - and you work out where a nice little farm road is that nobody uses for each line, and come 1:23:23 AM (or whenever) you kill all 10 lines as your teams are driving away from thier catapults on a 1 minute trigger.

        For added fun have a s

      • by MrLogic17 (233498)

        Correction: It wasn't a worm that caused the unresponsiveness - it was a bug in the software that didn't display alarms. The operators didn't see them, thus they stacked up. The backlog of alarms brought the system to it's knees. The switch to the backup servers didn't fix that issue, thus bringing them to a crawl too.

        There's lots of facinating reports on the 2003 blackout out there- including pics of the single tree that started it all.

      • by drinkypoo (153816)

        Very often attacks are attempted at night, but that's a bad time, since load is often low. One would need to wait until mid afternoon on a very high load day (even more ideally when some major lines are down for maintenance) - that takes advanced planning and good luck.

        It would be trivial to apply remotely activated thermite packs to the legs of the towers. They could be activated by cellphone. The cost of the whole thing to take down two towers simultaneously would run into the low single-digit thousands if you really slicked it up. Obviously nobody serious has ever really tried to do this.

      • by shermo (1284310)

        Very often attacks are attempted at night, but that's a bad time, since load is often low.

        Actually.... Low load means the system is much more likely to collapse. The power system has inertia in it, if the load is high, this inertia is high and there's a long time to respond before the system collapses. If on the other hand, you take out a couple of power stations when load is low, the frequency in the system will drop much faster, and it will be more difficult for the reserve mechanisms to respond in time.

        I agree that if you cut a line during high load you'll be more likely to cause some people

      • Re: (Score:3, Informative)

        by beckett (27524)

        it could be as easy as determining regional weak points, and a terrorist cell can launch BLU-114/B carbon filament warheads [fas.org] in enough areas simultaneously to cause a cascade blackout. the technology has already been in news in Taiwan [monstersandcritics.com].

        (man i can't wait to get that phone call from Homeland Security tonight.)

      • by chrb (1083577)

        Very often attacks are attempted at night, but that's a bad time, since load is often low. One would need to wait until mid afternoon on a very high load day (even more ideally when some major lines are down for maintenance) - that takes advanced planning and good luck.

        From TFA: "To their surprise, under particular loading conditions, taking out a lightly loaded subnetwork first caused more of the grid to trip out than starting with a highly loaded one. An attack on the nodes with the lowest loads can be a more effective way to destroy the electrical power grid of the western US due to cascading failures,"

  • Fragile Grid (Score:4, Informative)

    by Old VMS Junkie (739626) on Tuesday September 15, 2009 @02:07PM (#29429799)
    The electric grid has already suffered multiple cascading failures from simple events that led to widespread outage. Look into the West Coast outages of 1996 and 1998 as well as the failure in the Northeast in 2003. There's a lot of interesting science going on around networks, graph theory, complexity and all. There's a really good book on teh subject, "Six Degrees" by Watts.
  • The paper looks very interesting and should be another reason for a full grid upgrade, so we can use smarter power systems. It's a pity Edison's idea of local power stations never took off. Such a system would be much more fault tolerant and scalable. The same thing could be done now with pebble nuclear reactors [wikipedia.org].
    • Re: (Score:2, Informative)

      There were economic issues with Edison's ideas. The biggest problem was his insistence with DC. DC only worked with local power stations. AC scaled and could transmit over much farther distances with much less loss. More fault tolerant, perhaps. More scalable? Not from an economic standpoint.
      • by Ungrounded Lightning (62228) on Tuesday September 15, 2009 @04:23PM (#29431595) Journal

        There were economic issues with Edison's ideas. The biggest problem was his insistence with DC. DC only worked with local power stations. AC scaled and could transmit over much farther distances with much less loss. More fault tolerant, perhaps. More scalable? Not from an economic standpoint.

        The main reason AC scaled better than DC was that simple transformers could be used to boost the voltage or long-distance transmission on affordable diameter wire and back down to what could be safely handled in a home. Shifting DC, at the time, required rotary converters and was limited in voltage by the arcing and size of the commutators.

        Since about the 1960s or so DC conversion for long-lines has been practical. And with modern semiconductors it's now economically competitive. With that, DC lines become practical for a makeover.

        AC, unfortunately, introduces propagation timing effects that make things a bit more complex to keep running. DC doesn't have those failure modes AND it makes somewhat better use of a given amount of metal in the wire.

        (A downside of DC vs AC is that a DC arc is harder to extinguish.)

    • Undoing a mis-mod
    • Going "smarter" is a big boondoggle for the makers of the "smart network" equipment. Last I saw it would not pay for itself with either electrical savings AND reduced costs of outages combined. And it has extra failure modes of its own.

      Replacing the current grid with a DC distribution similarly would be a great way to funnel government money into the pockets of campaign contributors but would hardly pay for itself in energy savings (though if done right it MIGHT raise reliability somewhat). Switching to

      • The scare scenario given in TFA seems to be a variant of ... Taking out a local section of the grid and leaving the rest unable to serve its load. (Though I'm not sure, having not paid for a copy of the not-adequately-quoted article.)

        And a closer reading of TFA2, referenced by TFA, makes that clearer.

        It was an "aha" moment: Of COURSE disrupting the LIGHTLY loaded subnets (where there is a surplus of generation feeding the HEAVILY loaded sections) causes more failures than attacking those with heavy loads:

  • oh noes (Score:4, Funny)

    by Lord Ender (156273) on Tuesday September 15, 2009 @02:12PM (#29429863) Homepage

    if terra were to plant a nuclear bomb in my apartment, thousands in my neighboorhood could be killed. that's worse than a mere blackout! please give me a large grant so i can upgrade my apartment to a more secure version. think of the children!

  • get those new UPSs I've been wanting.
  • by It doesn't come easy (695416) * on Tuesday September 15, 2009 @02:22PM (#29429951) Journal
    Jian-Wei Wang has just been added to America's Top 10 Most Wanted Terrorist list, according to a DHS spokeperson. "We believe this person has been studying some of our infrastructure with the intent to identify inherent weaknesses. It is only a matter of time before this person, or someone else, uses the knowledge gained to attack the USA." A few moments later, a nearby open microphone caught the DHS official's candid statement "Anyone using information, public or private, to point out our own stupidity is automatically suspect. To go so far as to publish their findings is criminal. Besides, since we can't find any real terrorists, we have to demonize someone so we can continue justifying our astronomical budget in these difficult economic times." After a reporter on the scene brought this admission to the attention of the spokesperson, the reporter's name was also added to the list.
    • by Beerdood (1451859)
      I think I saw this happen in a documentary called "Live free or Die Hard". Someone send in Bruce Willis after this guy, before he disabled the entire grid!
  • So they're going to decide, therefore, that the thing to do is hide the information and ban research into it. You know, instead of actually making the systems secure.

    Hooray for security for obscurity.

  • Now that power utilities are free to be profit-generating enterprises, there's less incentive for them to invest in the redundancies which make cascading failures possible. In the past, when utilities were heavily-regulated non-profits, people complained that their systems tended to be "gold-plated," due to so much potential profit being re-invested in the systems. But, as the northeast blackout of a few years back demonstrates, today the same money which would have gone to improving the infrastructure now

    • . In the past, when utilities were heavily-regulated non-profits, .

      When exactly was this? The utilities that provide electric and gas in my area have been for profit companies for as long as I have been alive (and I believe for as long as electric has been available to run in home appliances in this area). They have also always been heavily regulated and require authorization from the state to raise rates.

      • by zorro-z (1423959)

        The deregulation of the US electric industry began w/the Energy Policy Act of 1992, although, as Wikipedia notes, "It began in earnest only from 1996 onwards when the Federal Energy Regulatory Commission issued orders that required utilities to provide transmission services "on a reasonable and non-discriminatory basis."

        http://en.wikipedia.org/wiki/Electricity_sector_of_the_United_States#Deregulation_and_competition [wikipedia.org]

        • So, are you claiming that before 1992 electric utilities were non-profit? Because I happen to know that in my area that is not true. Additionally, since what you are referring to is Federal regulations, it doesn't exactly effect what I said, which was about state regulations, which as a matter of fact your link states: "By 2008 only about a dozen states had deregulated their electricity markets".
  • by Anonymous Coward

    They required all employees to use the same identical 4 letter password, to which I objected but was forced to do. My first few weeks there I discovered a keylogger on two PCs using Spybot. I reported it to management and suggested they have everyone scan their PCs, they said I was overreacting. Their email service was hosted by a remote 3rd party provider in Texas, who could be reading all their mail because they were too lazy to set up one in house. I recommended an internal email server and also that eve

  • Here in Europe, we've also experienced a few cascading blackouts, triggered by single
    failing power plants. Blackouts throughout Denmark caused by failing power plants
    in middle/southern europe is not unheard of. When the power grid is so interconnected, a few
    failures means the capacity of the rest of the plants does not meet the demand of the grid,
    which in turn forces the rest of the plants to a grinding halt. A very well coordinated effort is then required
    to bring the grid back up.

    There's probably not much

  • I started a book years about a coordinated attack by a small group of people that blacked out the west coast for months. That was early 90's. Surprisingly little has changed. Security is better, but it's still astonishing how much of our power infrastructure is unprotected.

    Almost as surprising is how few people are prepared for an extended power outage. Ever since I worked around power management systems, I've dragged around a generator and keep enough gas on hand to run it at least two weeks.

    It say

  • Already, subscribers are talking about a controversial military maneuver whereby a small unit or individual, outgunned and trapped may use an otherwise abandoned motor vehicle and a makeshift ramp to disable or destroy a rotory aerial vehicle.

    At least one may in fact currently be viewing this via "the old satcomms".

  • Why the heck the power infrastructure is connected to the internet ? Why the heck not use direct modem or similar non easily compromisible stuff, and certainly nothing a MALWARE could control ? Whiskey Tango Foxtrot ? Why not a freaking red button outside with "hit me to break me".
    • by PitaBred (632671)
      Because it doesn't need just point to point communications, and they want constant communication instead of dedicated lines. They'd have to essentially build a private Internet for communications.

      The problem isn't that they're using the Internet. The problem is that they're not using something like a VPN to connect. Businesses do it all the time with damn good security. The power companies just don't give a shit since they have a monopoly on the lines, they have no competition, and no incentive to protect
  • by swschrad (312009) on Tuesday September 15, 2009 @03:11PM (#29430433) Homepage Journal

    used to be, you had load dispatchers at switches in multiple areas. they had telephones and a small phone book of other dispatchers. under that system, the US became the world's dominant superpower and home of most wealth.

    worth trying. not everything has to run on flash and crackberries.

  • Reminds me of the swedish transport agency. It has several publications on its website describing, in great detail, how a terrorist may steal and release dangerous goods from vehicles.
    Counties is Sweden also have more localized publications describing where to find the dangerous goods and vunerable sites.

    Still no-one is putting the information to terror use. Seems there is other ways of protecting the homeland...
  • by johnny cashed (590023) on Tuesday September 15, 2009 @04:31PM (#29431747) Homepage
    I have conceived of a distributed attack involving timed/coordinated thermite devices placed on transformer housings at substations. Place the same devices on any emergency generator housings where first responders are located, and massive chaos would quickly ensue.

    Thermite is easily made/sourced from the components, timing devices are trivial. Thermite is not an explosive, but it would easily burn a hole in the top of a oil filled transformer housing, drop inside the transformer, burning all the way. I'm sure it would short the xformer, and ignite the oil inside. Same with generators, a thermite device placed on top would easily burn into the engine block or generator windings.

    I'll leave the details out for the terrorists to figure out, but I see this as an easy attack for small cities. Larger cities will have the infrastructure more secure, but it is a large grid to secure. Too large. Modern society needs electricity like humans need air. I see my plan of attack as cheap, not too sophisticated for dedicated attacker(s) and probably effective, depending on how large a coordinated attack could be. It is very scalable.

    What, who's at my door? DHS?
    • while I'm guilty of thinking, let me expound a little more. Thermite is trivially easy to make from steel wool and finely divided aluminum (powder). The aluminum can be produced with a labor intensive process called filing or sanding. The process can be mechanized. The ignition process is slightly more difficult that the base materials. However, in the US, fireworks are commonly available and thus provide an easy source for raw materials. The dedicated attackers would not care about getting caught. One
  • In the ice storm of 1998 in the Northeast more than 200,000 poles and 100,000 miles of lines were downed. The blackout did not extend much beyond the counties affected.

    On 9/11 300 MW in NYC disappeared when the towers went down. The blackout did not extend more than a block.

    Tornadoes, earthquakes, wildfires, ice storms, and hurricanes provide frequent tests of multiple unplanned simultaneous contingencies. They hardly ever cause cascading outages.

    Yes cascading outages do occur in real life, but the grid

  • My house is on a main tie power line substation that once was connected to a Al plant here. Now the power goes to two large
    semiconductor fabs that have contracts for power with massive penalties for loss of production. I think I have had less than a hour of outage in 20 years.

    When California disconnects my lights do get a little brighter. http://www.bpa.gov/power/pl/columbia/4-gal-1.htm [bpa.gov]

  • The power grid is a relic of the past. It has been long over due for decentralised power. It seems to me that the power industry has kept this from happening for quite some time. Wouldn't it be nice to have the equivalent of a "Mr. Fusion" to power your whole house for decades. Even if you could generate ALL your power, I'm sure some law would be passed that will enable to energy industry to "charge" (aka gouge) you a nominal fee for the privilege.

    This way, severe weather or terrorists, domestic or foreig

  • As an American, I thank Jian-Wei Wang for bringing a possible worst case senario to our fine country. I would hope that the Leaders of China don't grace Mr Wang's thoughts by throwing him under, in this case, a Tank. Maybe the lesson that the Chinese Government learned the hard way is being reciprocated in kind. China lost a whole generation of children when they, 1) Ignored Earthquake building codes, and 2) the warning of large dams make large earthquakes from an analysis at the University of Alaska. C
  • Didn't Enron do this almost every day in 2000 and 2001 to raise rates?

Dead? No excuse for laying off work.

Working...