Cal-ISO Breach Revealed
HiredMan writes: "The LA Times says in a story that 'hackers' had penetrated the Cal-ISO, the California electric grid parent company, and were attempting to compile code to allow them to penetrate the 'firewalls' to access the actual grid control computers. Apparently the 'hackers' -- who came through a Chinese server -- breached a development computer that wasn't hardened and the intrusion went undetected for over two weeks until the intruders brought too much attention to themselves. Trying to downplay the incident one official said, 'It was a compromise, not really an attack.'" An anonymous reader pointed to coverage at MSNBC as well.
"If the Chinese government is sponsoring these 'hacker attacks', this is an act of war and should be treated like one."
Declaring something as an act of war IS saying something about military attacks, specifically retaliation-wise. Lay off the caffeine, k?
But now it's 3-1! =D
We are not brainwashed. We are not brainwashed. We are not brainwashed.
(Just lazy, arrogant and ignorant.)
I understand the need for the internet's infrastructure for communications. However, there is something else to consider. Many US utilities outsource for programming. India provides some of the programming talent. I hope our utilities have experts reviewing the code before it is integrated into the system. One does not need to wage war through arms if one can simply turn out the lights. This does not mean that India would necessarily want to do this, but individuals could be surrogates for states.
So, if you hack into a power company's computer, you could reboot everyone else's systems.
:)
hawk
Anyone who has worked on control systems knows that most run their own proprietary networks and communications protocols.
Maybe that was true 15 years ago. Today everything is either DeviceNet (US), ProfiBus (Europe), or ModBUS (everywhere) -- there are other protocols but these are the Big Three. And with Industrial Ethernet becoming more and more popular, ModBUS/TCP (ModBus data structure inside a normal TCP packet), it is trivial to fuck up a network.
True, you'll likely not know what you're dicking with since you won't have the device configuration files (DeviceNet) unless they were left lying around somewhere but just having the ability to spew trash out to all the industrial devices can cause some pretty massive problems all their own.
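The Modbus/TCP framing mentioned in the comment above, as an added example that is not part of the original thread: a monitoring-side parser that validates the 7-byte MBAP header, rejects malformed frames, and flags write requests from hosts that are not authorised masters. The IP addresses, the `WRITE_MASTERS` policy and the sample frames are constructed for illustration.

```python
import struct
from dataclasses import dataclass

# MBAP header: transaction id, protocol id, length, unit id (big-endian).
MBAP = struct.Struct(">HHHB")

READ_CODES = {1, 2, 3, 4}             # read coils / inputs / registers
WRITE_CODES = {5, 6, 15, 16, 22, 23}  # function codes that change device state


class MalformedFrame(ValueError):
    """Raised when bytes on port 502 are not a well-formed Modbus/TCP frame."""


@dataclass
class Frame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes


def parse_frame(raw: bytes) -> Frame:
    """Parse one Modbus/TCP ADU, enforcing the header invariants."""
    if len(raw) < MBAP.size + 1:
        raise MalformedFrame("shorter than MBAP header plus function code")
    tid, proto, length, unit = MBAP.unpack_from(raw)
    if proto != 0:
        raise MalformedFrame(f"protocol id {proto:#06x} is not Modbus (0)")
    # 'length' counts the unit id byte plus the PDU; the PDU is at most 253 bytes.
    if not 2 <= length <= 254:
        raise MalformedFrame(f"length field {length} out of range")
    if len(raw) != 6 + length:
        raise MalformedFrame(
            f"length field says {length}, frame carries {len(raw) - 6}")
    return Frame(tid, unit, raw[7], raw[8:])


def classify(src_ip: str, raw: bytes, write_masters: set) -> tuple:
    """Return (verdict, reason) for one frame seen from src_ip."""
    try:
        frame = parse_frame(raw)
    except MalformedFrame as exc:
        return ("malformed", str(exc))
    fc = frame.function_code
    if fc in WRITE_CODES:
        if src_ip in write_masters:
            return ("allow", f"write fc {fc} from authorised master")
        return ("alert", f"write fc {fc} from unauthorised host")
    if fc in READ_CODES:
        return ("allow", f"read fc {fc}")
    return ("alert", f"unexpected function code {fc}")


def review(capture, write_masters):
    """Classify every (src_ip, raw_frame) pair in a capture."""
    return [(src,) + classify(src, raw, write_masters) for src, raw in capture]


# --- constructed sample data (not taken from any real network) ---
WRITE_MASTERS = {"10.0.5.10"}  # hypothetical SCADA master allowed to write

READ_HOLDING = bytes.fromhex("00010000000601030000000a")    # fc 3, 10 registers
WRITE_REGISTER = bytes.fromhex("000200000006010600101234")  # fc 6, one register
GARBAGE = bytes.fromhex("deadbeef00ff0102")                 # random bytes
TRUNCATED = bytes.fromhex("00030000000601030000")           # length mismatch
DIAGNOSTIC = bytes.fromhex("0004000000060108 0000abcd".replace(" ", ""))  # fc 8

CAPTURE = [
    ("10.0.5.10", READ_HOLDING),
    ("10.0.5.10", WRITE_REGISTER),
    ("10.0.9.77", WRITE_REGISTER),
    ("10.0.9.77", GARBAGE),
    ("10.0.9.77", TRUNCATED),
    ("10.0.9.77", DIAGNOSTIC),
]

if __name__ == "__main__":
    for src, verdict, reason in review(CAPTURE, WRITE_MASTERS):
        print(f"{src:<12} {verdict:<10} {reason}")
```
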
Warning: Too many connections in /include/common.inc.php on line 60
Unable to connect to database askadick. Be sure to edit include/common.inc.php.
...a Richard. Couldn't help it. I've had tons of luck with HE.net and Vex. Shell access as well as top notch service. Good luck!
Sweet merciful crap! Every two-bit, pinheaded, self-proclaimed Security Expert has rehashed the Common Wisdom for years that fingerd is FUCKING DEADLY! And damned if you aren't going to trot right into line, am I right?
Tell me... aside from a hole in Joe Random's Nifty-Keeno New-Fangled Finger Daemon and Lemon Peeler (Debian exclusive! As Seen On TV!) this year, and FreeBSD's "oops, we let it read the filesystem... as *nobody*" bug last year, what evil lurks in the hearts of finger daemons that should strike terror into the hearts of men?
God... next you'll be bitching that people leave (horror of horrors!) telnetd running.
Characters my posterior. If the power grid had been taken down, I can guarantee you that is tantamount to an act of war.
Consider that so far US armed forces who are developing similar capabilities have been restrained from using them for just such legal reasons.
Tell ya what - when you're sitting here with the lights out (and I will be) and the Western grid, not just CA is included.. is that funny?
Have you compiled your kernel today??
uhm - there was an article a few years ago in Linux Journal about how PG&E was looking at Linux to help do reporting and control. I also seem to recall a similar article from a Virginian Power company.
They're using commercial data com to talk nowadays. Heck, even the Ricochet modems were invented originally to be power-meter readers (and they started with AX.25 for their first generation protocol!)
Have you compiled your kernel today??
Enough of your commie treason. Duffbeer703 has a point - if those hackers had been successful, a large chunk of California might have lost power for perhaps twenty or even thirty seconds before someone figured out that something was wrong with the computers and switched to manual override.
And if that momentary deprivation of electrical services isn't equivalent to the assassination of Archduke Francis Ferdinand, or the bombing of Pearl Harbor, I frankly don't know what is. A full-fledged atomic counterstrike is the only allowable course of action.
It's kind of like the "Zero tolerance policies" in the school system. Parents scream and yell about the violence in schools, the school system "gets tough," innocent students are persecuted and the real bullies get off.
Maybe he meant "attack" in the sense of "malicious intent by evil Commie terrorists" and "compromise" in the sense of "kids screwin' around"?
If the grid's monitoring and controlling computers are actually connected to the net, somebody in Cal-ISO needs to do some prison time for criminal negligence.
This is inexcusable.
Why? So they can renew their license of Microsoft Power Policy Manager, of course!
What, you mean they don't control the power by going to
--
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
There has been call since the early '70s to require certification for programmers -- a way to make them financially responsible for the quality of their work would be on the lines of a construction company's bond. As long as we allow a software industry to permit mediocrity, we will be blessed with substandard systems even to a national disgrace.
The story is quoted from a lot of people whose core competency is politics, and not from network engineers. I wonder what the rest of the story is.
I have industrial strength security built on consumer gear for my network, why can't they?
Oh yeah, they can't afford my consulting rate.
-fb Everything not expressly forbidden is now mandatory.
Why the hell would important computers which control the power grid be accessible from the internet in any way?
It is cheaper than laying a dedicated net to all of the programmable power-controlling units. Remember that they must have an easy way to redirect the power (spare power is often sent to other countries buying it). But normally vital parts are strongly protected to ensure no outside interference. That is why heavy cryptography is commonly used in these businesses, and security is a big issue.
My father leads a power company. There they have a small dedicated net for the most vital parts, separate from the internet, which you have to call up using special routers. But his company is rather small compared to the system Cal-ISO controls.
"The assembler gave birth to the compiler. Now there are ten thousand languages." - Tao of Programming
Actually they probably have switches which can be configured for different VLANs, and then they won't have any extra costs for having them on a "separate" network.
"The assembler gave birth to the compiler. Now there are ten thousand languages." - Tao of Programming
"That's really amazing on two counts: that there were computers not behind a firewall and it took 17 days to discover," said state Sen.
What's more, dozens of ports into the computer system were open, when only a handful should have been available.
It seems strange how professionals can install a system full of security holes and have it online. Probably that means their default distro of the operating system (they're not mentioning which) has these holes per default. Since they have a system like this online for a relatively long period of time, why should it not be probable that they also have many such systems behind the firewall?
Obviously they are relying 100% on the firewall. If the intruders had made it through the wall, they would no doubt have easy access to many of the systems there. And that would be scary, if they can't secure such vital systems in a proper way.
I'm glad I don't live in California.
"The assembler gave birth to the compiler. Now there are ten thousand languages." - Tao of Programming
Hahahahah! Imagine a blackout hitting a computer inside the power company! That's about as likely as Bill Gates inviting Linus over for drinks.
--
Insert Witty Sig Here
Ok good reason. The computers need to talk.
But this is still good for dedicated networking.
With the Internet you still have hacks, access to critical systems etc.
Plus the Internet is not as reliable as a network could be. It's no technical fault. Simply the bulk of the systems are untrusted. Even backbones and ISPs aren't entirely trustworthy.
Add to the picture the other traffic. The Internet carries my Slashdot news, your Quake traffic, your power grid data could be delayed at a critical moment.
The Internet is best for NON CRITICAL information exchange. If you have critical information on critical systems put together a dedicated network. Same software same hardware as the Internet just dedicated equipment and a different configuration.
Internet servers need to support 10 year old software packages. Dedicated networks could reject packets at the backbone or service side that don't run the latest indent or whatever solution you pick.
When every server is "watching your back" it's much harder to hack and much easier to secure.
I don't actually exist.
--
Mod up a post Rob doesn't like and you'll never mod again
We have only a limited number of hubs
Who's "we"?
I'd be surprised if they're using hubs at all. Switches are better, they could implement VLANs to separate their mission critical networks from their "office" networks.
Your description is really scary - I hope your power companies have better IT/Network Operations departments...
Hear Hear! Just drop the routes to unnecessary hosts - now that is real security measures - and they work!
Until someone compromises one of those trusted systems...
I especially like the bollocks they use:
Colour it Green - call it red...
and so on...
This is bollocks! At its best.
Necessary data connections between the networks are randomly disconnected by a mechanical device. Even developers working in the bank have limited internet access by a slow modem to a secure proxy server (which might make it a crappy job but also a fine place to put your money in).
Randomly? Do they randomly deposit money in their customer accounts as well?
oh come on! I have never heard such clap trap - Do you have a URL, rather than these weird urban legend approaches to network security?
slow modem? They use modems? Banks? I just can't believe it. I've seen the Network installations of many financial institutions and there were very few modems - plenty of Switches, Firewalls and Routers though.
There isn't an 'energy shortage.' California as a state used 14% less energy this April than April 2000, while energy production in the country has increased in the same timeframe. Per capita energy consumption in California is lower than in 48 of the 49 other states in the union.
But Bush telling us that directing Federal agencies in the state to cut energy use by 10% will fix everything? That's an insult.
Kevin Fox
Sorry. Actually I won't.
The fact of the matter is Bush is catering to Texas energy companies he has a stake in, at the expense of California. Last week he came to our state and said he wouldn't impose price caps on energy costs in California because the prices were simply reflecting the law of supply and demand and that a spending cap wouldn't do any good. He stood on a podium next to our governor and insulted his intelligence by acting as if withholding natural gas to drive prices up for a population of 28 million people, and consequently cutting their power is not something the president has any reason to act upon.
Now let me tell you, you "ignorant fuck," that when I, through my utility, have to pay $1900 for a megawatt hour that goes for between $22 and $32 in Texas, New York, or Florida, that it's not because of supply and demand, but because of cartel price manipulation, so go fuck yourself before giving me any more shit.
Or if you actually think you're right, then explain why and don't be an Anonymous Coward.
Kevin Fox
We have quite a few power plants. We have power plants that are LYING DORMANT because the cost of natural gas PIPED IN FROM TEXAS is so high that using it to fuel said plants is too expensive for the energy produced, again because they are charging 40x-100x the prices the SAME COMPANIES (Enron, for example) charge other states.
A power plant for every california family wouldn't help if there's still a stranglehold on the fuel.
Read a book, or a newspaper, before spouting off such childish economic mantras, will you?
While we're at it, isn't it interesting that gas prices in San Juan Capistrano (California) are the highest in the country, at $2.35 a gallon, while the lowest in the country is, any guesses? Yep, San Antonio, Texas, at $1.27. That's an 85% markup over Texas retail prices, and natural gas is far, far worse.
California generates 75% of the power it uses in-state. This is far more than most of the larger states.
Kevin Fox
On one hand, I'm supposed to ignore California's energy problems. But I'm supposed to be hard on any Chinese retaliation against us. Damn, and Cheney took the weekend off. Umm. I know! I can call for more spy satellites! It'll justify my higher defense budget, and they're made in California, so the Cali's will be using more energy, which puts money back into Texas! Win-win!
Kevin Fox
Funny, I don't know if it's still there but there was a Network Security Manager job opening at Cal ISO.
:).
I'd have applied myself but the job description was IMHO very poorly written. I got the impression they were looking for a suit that could actually say a handful of buzzwords but not much else.
Bet they're looking for someone a bit smarter now.
Given the rolling blackouts in California, I doubt anyone would have noticed even if they had succeeded :)
Hasn't anyone there heard of an air gap style perimeter? I can't think of any reason why the grid control computers should even have ANY links to the "real world" networks. Sure, perhaps so that they can be controlled from workstations on your LAN, but IMO, that's not really smart.
-- Sapere aude.
You know, I seem to recall the US bombing the shit out of Serbian power infrastructure...
Cracking Power Grid = bad
Putting 5000 pound bomb on the generators = good
Hmmm.
If you were me, you'd be good lookin'. - six string samurai
If I drop a packet sniffer on that network, what do you think I get?
EVERYTHING.
A switch isn't a real solution to that either, unless all the switches are configured correctly and securely I would only need 1 to get packets directed onto the 'secure' network.
While you don't want a single point of failure in a network, you also don't want to leave all the doors and windows open.
I love that quote. What, does she think that she needs to know every little common thing that goes on in a place like that? Does she think that compromises aren't a daily thing in this electronic world? If that same place had a stapler get stolen from the supply closet or hell a company car from the dealer that was working on it, would she have to have "official notification"? Would she expect for someone to realize a stapler was missing right away? People like that make me sick. She reminds me of a super I used to have that was always on my case wanting to know exactly what I was doing every minute of the day. Finally I got so fed up I literally wrote down everything I did for the entire day, minute by minute with notes. Some example entries would be:
8:15AM Blew nose.
9:30AM Left to take a bathroom break.
9:33AM Arrived at bathroom. Took morning shit. Bad case of diarrhea. Took 9 wipes and 4 dabs and a lot of air freshener. Note to self: bring Pepto-Bismol to work for desk drawer.
9:47AM Returned from bathroom.
10:12AM Picked nose.
10:43AM Did super's job for him because he was too busy planning his next vacation.
11:01AM Opened 3rd can of Mountain Dew.
11:05AM Took a Pepcid AC to combat bad acid reflux.
11:47AM Scratched myself.
1:00AM Went to worthless meeting of which I shouldn't be in because I have no part in anything discussed and nothing in it directly or indirectly affects me.
I documented the entire day like that but worse with even more vivid descriptions. I spent more time writing shit in my list than I did actually working that day. At the end of the day I sent it to my super and _the_ boss. Needless to say my super never asked what I was doing ever again. :-)
Or maybe they simply couldn't sleep because of their neighbour's overly loud stereo. So they spent their time doing something "useful". And if successful, they would have been able to rest in silence, undisturbed by the party below!
This is a cute gimmick but fundamentally no different from any other opaque firewall approach that stages email and does not offer general IP connectivity.
An air gap is an air gap, that passes data only by human intervention. This product is not an air gap.
stopping genocide: good
If 'stopping genocide' requires unethical actions, why pretend that war is ethical at all?
qualified ethics : pointless
Sometimes the end does justify the means. If the evil combatted is so extra-ordinarily bad, and if the only way to bring it down is a slightly unethical action, I'd opt for the slightly unethical action, rather than the unspeakable evil.
Translation:
When fighting those without ethics the only way to win is abandon your own ethics.
Not that I disagree, my initial post was trying to convey that declaring we must fight wars in an 'ethical' manner is ridiculous. See "Apocalypse Now" for exactly my opinion on the matter.
Col. Kurtz : "The Horror...the horror..."
people who cripple themselves into inaction through excessive contemplation of 'ethics' = dead
Is there an echo in here? I could have sworn I just said that...
If you read the article you will see that they came in off machines in Santa Clara.
How we know is more important than what we know.
or hell, mandate that banks have backup power generators.. like every other country on earth!
How we know is more important than what we know.
Aren't worth much to Americans. Which is what we were arguing about (apparently, it's hard to tell with this cocksucker).
How we know is more important than what we know.
I'll tell you about suffering! One day I had to stand outside in the California sun waiting to bank my pay check cause they were only letting people into the bank two at a time (no power == no aircon) and when I did finally get inside they couldn't look up my account number cause they didn't even have a backup generator for their mission critical computer systems.
How we know is more important than what we know.
you need to chill home boy. totally. read the paper I linked to, it quite clearly establishes that all is not fair in war, and that there have been rules in war for about the last 2000 years.
How we know is more important than what we know.
Alternatively we could just come to the often stated conclusion that the US is the spoiled brat of the world and doesn't know how to play fairly. After all, attacking civilians has never been a problem for your army. You should hang your head in shame, not stand up and say that is the way it should be.
How we know is more important than what we know.
The subject? I thought the "subject" was whether a (cyber)attack on a power grid was ethical or not. You're the one that has changed the subject to one of whether or not this is a big conspiracy manufactured by the government. My post simply states that there is no justification for taking down a civil power grid -- even if it is in war time. Go have your everyone is out to get me argument with someone else.
How we know is more important than what we know.
All is fair in war no matter what your own beliefs are.
The only relevant thing you have posted before you went off on a tangent. What is your supporting evidence for this? Oh, the US doesn't respect the universally accepted laws of war (primarily that you don't attack indiscriminately) so it must be alright. Was your argument about conspiracy and "world government" meant to support your case that the US should be the ethical model for the world or what?
How we know is more important than what we know.
News Flash: You have no point. The actions of the US government are not the best place to start debating the ethics of war. Your government is lame, what are you trying to say? When ACs start questioning what the fuck you are on about it is time to stop replying.
How we know is more important than what we know.
This is disturbing because even if China was at war with the US this would not be an honourable attack. From this paper:
Since a control system is the portion of the electrical grid most vulnerable to computer network attack, and since it disrupts the transmission and distribution systems serving all consumers, such an attack is indiscriminate except in one isolated, hypothetical case. If it were possible to disrupt only the electricity to those targets which are proper for iron bombs (e.g., military facilities and defense industry targets making only war materiel), then, and only then, would such an attack be discriminate. Until such a capability exists, however, one must assume that an attack on electrical power facilities is an attack on noncombatants, including facilities such as hospitals, specifically excluded from attack by numerous treaties.
The widespread effects of electrical grid attacks are so devastating to a modern society that they are neither humane nor proportional to the military effect achieved. Iraq's experience after the Gulf War is an example. Neither water treatment plants nor sewage treatment plants were operational due to the long-term electricity outages. These combined to produce a major health crisis. During the year after the Gulf War, some estimates linked as many as 70,000 to 90,000 Iraqi deaths to the higher-order effects of life without electricity.[26] In Iraq, the outages were long-term in nature because the large, obvious generator halls were a favorite target of allied airmen, and these are more time-consuming and expensive to repair than distribution yards.[27] The efficacy of these attacks also has been called into question because many, if not most, military targets have backup power from dedicated generators, making them independent from the public power utilities. Thus, evidence from past wars suggests that air attack of electricity grids produces only a limited effect on the outcome of a conflict.[28] In such a scenario the military advantage would not outweigh the harm to civilians from reduced hospital capacity, diminished agricultural capacity, and reduced medical refrigeration capability. Indeed, "customary law" protects foodstuffs, crops, and medicines during time of war.[29] Attacking the political stability of an enemy by cutting off his electricity clearly is devastating to the civilian population and thus bears no resemblance to a discriminate attack.
The fedz are right to call these punks "terrorists."
How we know is more important than what we know.
Stop using the "Code" formatting method. Use "Plain Old Text".
------
the cal-iso doesn't and can keep our power on...
As the Attrition rant notes, petty vandalism has been going on pretty constantly for a while now. The tone of it has changed, slightly, now that the vandals are making the news, but what you're seeing now really isn't significantly different, in volume or content, than it has been for a while now.
To the extent that the reporter talks about the increase in Chinese attacks during the timeframe in question, the reporter is wrong. There was no such increase. There were $foohundred attacks then. There were also $foohundred attacks the month before, and there were $foohundred attacks the month after. Big deal.
Not all vapid propaganda has to come from big brother...
DO NOT LEAVE IT IS NOT REAL
What I think happened was, the Chinese were so pissed off at the United States, they figured that Bush and other politicians would be pissed if they actually gave Californians power as opposed to monopolizing it. Well one would have to know about Kenneth Lay of Enron being Dubya's biggest campaign contributor. (no wonder they won't cap electric costs)
Want Root?
First off Parameters is for ROTC school kiddies in training, and articles like that are nothing more than propaganda. If you take a look at history as you state sure there are rules, and those rules are always broken. Take a close look at what we (the United States) did in Serbia. We caused an ecological disaster with the warfare, water is polluted, air is polluted, etc. Sure you can think the Geneva Treaty is something glorious but it's nothing more than more propaganda.
Facts are facts, and the fact is the military would never practice what's preached in publicly available documents, everything is gonna look pretty for the people, but when you dig deeper the shit always comes out. I suggest you keep a sharp eye out for "Operation Dragonlord" should they ever release it via the FOIA, and you'll see exactly how shady the US government is in regards to China.
Last month they sent out warnings of a massive attack set to take place. Something which never happened. Why? Simple, create animosity between Americans, and the intended target, makes things simpler when you have to take action, and that's the bottom line.
Want Root?
Stick to facts, I can dish em out to point out why I think the way I do. Wow, how ironic this happens when the United States is hoping that the European Cybercrime Treaty is being finalized. An incident like this would surely make politicians think twice about taking away a certain amount of rights from the people in order to maintain National Security wouldn't they?
Hell this could be what is meant by "justifying world government." See if the treaty goes through it would mean the United States LEA's would not have to depend on the liberties given to the people here, they could simply have their German counterparts subpoena things they've been denied in American courts. What power they'd have.
Look I'm in no way flaming you so don't take it that way, there's always two sides to every single issue. One thing that's certain is China's networking infrastructure is harsh on rules, and laws, so it'd mean harsh punishment for someone even trying to do things, and they're up shit's creek so I personally feel they'd be reluctant to pull this off. Now on a technical level if the system was compromised do you know how easy it is to manipulate log records? Hell I could make you think Elvis or Tupac compromised that host. So for someone to say the Chinese did this, I could always come back and say oh yea, well someone using Nemesis, or HailStorm replayed a session to impose a Chinese did this.
Want Root?
Go have your everyone is out to get me argument with someone else.
Is that what you think for someone who posts a different view of what may be happening? I could care less about government, I don't hide from anyone especially using anonymity. As stated I posted a substantially documented rebuttal, and sadly you have no answer only a pathetic message.
Want Root?
Army accused of cover-up in Kosovar Albanian's death
Government Watchdog Agency for human medical experiments under investigation
Hydrazine Sulfate Cancer Coverup
THE COVER-UP OF GULF WAR SYNDROME -- A QUESTION OF NATIONAL INTEGRITY
The United States and Biological Warfare
THE UNITED STATES SINCE 1968
MKUltra, Uranium, Unsolved Homicide, Possible Genocide
My bad everyone must be wrong the government is such a great watcher and keeper of the peace. Maybe if you took the time to see things in an unbiased way you would actually have a clue. Me on the other hand I love government, and I truly love many of the policies they've created, but I would never turn a blind eye because they did one good thing so this enables them to perform 20 bad things in return. Fsck that.
Want Root?
All is fair in war no matter what your own beliefs are. Lest we forget how the "fedz" tried to hire a Russian hacker to infiltrate the Russian Federal infrastructure.
http://www.wired.com/news/politics/0,1283,42998,00.html
So if it was some Chinese hackers so be it, on the other hand what makes you think this couldn't be something like the government falsely reporting to bring up animosity amongst Americans towards Asians in case they wanted to wage a war? I suggest you read what they had planned for Cuba before you think the feds are so fine and glorious.
Get real no one knows truly what happened yet, and I'd be skeptical to jump the gun and believe the first thing written about the whole case. And as for your "fedz have the right to call these punks terrorists" you better wake up and smell the coffee there, if you're not 100% pro government including all of their FUD/Errata/Schemes [1, 2] then you're considered just as much a terrorist as anyone else.
Want Root?
They probably lease their desktops, but I doubt that they lease the critical infrastructure computers. They're probably "big iron" anyways.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Actually, they have their own internal networks for grid control, they needed this ability years ago, and since at that time there wasn't an "internet" yet, they were forced to build their own.
I just hate when I drop a doughnut on the control boards... that powdery white stuff makes the lights and buttons make a funny fzzzzzzap sound.... ;)
There is a difference between real time grid *data* display systems and grid *control* systems. I don't believe it's possible to generate control signals by breaking into a remote internet data display PC. If that's what happened. Looks like only grid operating data could be compromised. If that led to control actions by grid operators based on false inserted data then I could see a negative effect. I just don't see how a person could *directly* insert control *signals* (as opposed to data display info) on their own from the internet. Although I have some experience in this area, I am *not* a grid operator, so I'm just going from my experience and educated guesswork.
They're most likely not. It is very handy to have the ability to *display* grid information to selected authorized PCs, but the actual control network is something totally different. Usually the control network is mostly run on the high power lines themselves or selected microwave links. A lot of this pre-dates the internet as we know it. If you know what DDSMS stands for, then you know what I'm talking about. I seriously doubt anyone could control equipment on the grid remotely through an internet connection. But maybe I'm just ignorant.
I can't speak to number (1) except to say that it's my impression that the virtual private networks are over their own network not the general internet. The replacement of really old non-networked stations I believe was done with an internal network that (again my impression) uses a proprietary protocol. And (3) I think you are confusing the system that remotely controls power output of some of the (usually smaller) power generators to match load moment by moment (frequency and VAR loading) with a separate system that controls grid switching. Also, all the really critical stations (switching centers) are all manned stations, with manual switching controls (usually). And these stations can remotely operate the smaller stations near them. I don't believe you can operate power circuit breakers from some anonymous PC on the internet. I believe it would be done from a control board at a switching center with a direct link to equipment at a smaller unmanned station it is responsible for. Not using a conventional PC. And except for emergencies, under the direct orders of the grid control center/grid operation center (Cal-ISO).
They do indeed have their own fiberoptic capacity. Plus there are indeed methods and equipment to carry control signals on the lines themselves. All the data that you mention is available from servers specifically setup to supply it, these servers have no ability to generate control signals, that (AFAIK) is done with separate equipment. So other than the compromise of operating data, I don't see what else could have happened. I admit I'm probably ignorant. But I'm looking at a grid display right now, and I'm an authorized person, and *I* can't cause anything to actuate even if I wanted to. The data display stuff is simply not set up to do that. But like I said I'm most likely ignorant of all the clever ways to get around stuff. Sigh.
If you're wondering about security devices which allow for secure transfers of data, you might want to check out Airgap. It's been developed for absolutely secure data transfer. There is a physical separation between the two networks.
Full details are on the site.
--
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Think about it for a second.
Why would anyone outside of North America need to access computer systems, or firewalls, or routers leading to Public Utility companies? Why haven't these systems/firewalls/routers/tincans-on-a-string not been programmed to block any traffic coming from overseas? It isn't secure, by any means, but it *will* make it more difficult for these overseas hackers to gain access.....
Feed the need: Digitaladdiction.net
But, as the article points out, the crackers were trying to break through a firewall. So, there could have been VLANs connected at some point by a firewall.
Face it, if you have a secure control network, you'll really really also want some access to that network from the less-secure office network. Otherwise, generating reports and stuff on operations requires people running tapes around. There's also a strong motivation to get email in and out of a secure network.
They should have also had better security in place for their office network. My guess is that they had rooted the unsecure machine and were putting together some executables to spoof the users into giving up the firewall access. If the control system firewall used secure key cards, this would make things more difficult, but not impossible.
Running a private network for the secure systems isn't difficult. Making it completely isolated from other networks is difficult for political reasons. There's just such a temptation to allow some kinds of access through. With proper security, you should be able to pull it off.
Since most people run Windows, they'll eventually reboot themselves.
I've heard that some people power down their computers at night, even if their operating system is stable.
The shareholder is always right.
Maybe we'd even see some laws passed mandating secure systems for companies that should require security, such as banks and power companies.
I doubt it. More likely, we'd see a more paranoid law enforcement, and even harsher penalties to those kids who get caught while playing around. I'd certainly doubt it would have the effect you want it to have.
Just for the record btw: I do not want to defend the attackers. I do think, however, that the penalties often applied to "hackers" are insane, to say the least.--
May we live long and die out
Of course, if they'd succeeded in California chances are no one would have noticed.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Nothing beats security through unusability!
- Steeltoe
http://www.debunkingskeptics.com/
Chinese communist hacker: After we complete our attack to the electric grid, we will bring chaos to the ENTIRE WORLD!! HAHAHAHAHAHA
James Bond (trapped on a complicated mechanism designed to kill him after 40 minutes): You will never get away with this !!!
Chinese communist hacker: See you in hell Mr. Bond. HAHAHAHAHAHA (and leaves the room)
--
--
Stay tuned for some shock and awe coming right up after this messages!
Mr. Sample is certainly correct in stating that the hackers could have appeared from anywhere. But it is rather suspicious that such an attack which COULD have originated in China would occur at the height of a Sino-US diplomatic crisis. I don't know who did this, but if it was me then China would be the perfect place to run this through since we are having problems with them now. Some NSA or FBI leader quick to take credit for solving the crime sees China come across as a location that part of the attack originates at and BANG that must be it!! Leaving me high and dry, and all our resources directed at China, and when they cannot solve it they blame it on China not cooperating. I do not crack nor condone cracking.
iRepairIT - iPhone, Mac, & PC Repair
Trying to downplay the incident one official said, 'It was a compromise, not really an attack.
He said that in an attempt to downplay the incident? Does he actually understand what either of those words mean? How is it better to have people actually break into your system (compromise) than to have them trying, but failing (attacking)?
sig fault
Anyone who has worked on control systems knows that most run their own proprietary networks and communications protocols.
So even if these guys got through, they might not even know what they're looking at.
And that could only happen if the automation network has contact points with the other networks. (hopefully unlikely, unless they are stupid).
IANANE (I Am Not A Networking Expert), but couldn't two separate networks be theoretically accomplished over the same wires via creative assignments of IP addresses & subnet masks?
IE, if one set of computers was 121.128.0.x, and the other was 121.0.0.x, and the subnet mask was 255.128.0.0.0 (forgive me if I get this wrong, I forget whether subnet masks are negative or positive), the computers might not be able to talk to each other, especially without a gateway set on the internal ones.
"Evil company X is threatening to restrict our rights! Let's all get together to stop--OOOH! SHINEY!!!" -- AC
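The question in the comment above, worked through as an added example (not part of the original thread): each host decides from its own address and mask whether a peer is on-link, so the split holds only while every host keeps its assigned settings. The host names and addresses within each range are constructed, and the comment's mask is assumed to mean the four-octet 255.128.0.0 (/9).

```python
import ipaddress
from itertools import combinations

# Constructed sample hosts, all plugged into the same wire (one layer-2 segment).
# Address ranges follow the comment; the mask is assumed to be 255.128.0.0 (/9).
HOSTS = {
    "control-1": {"ip": "121.0.0.10", "mask": "255.128.0.0", "gateway": None},
    "control-2": {"ip": "121.0.0.11", "mask": "255.128.0.0", "gateway": None},
    "office-1": {"ip": "121.128.0.20", "mask": "255.128.0.0", "gateway": "121.128.0.1"},
}


def next_hop(host, dst_ip):
    """Return how `host` would send to dst_ip: 'direct', 'gateway' or None."""
    iface = ipaddress.ip_interface(f"{host['ip']}/{host['mask']}")
    if ipaddress.ip_address(dst_ip) in iface.network:
        return "direct"   # on-link: the host ARPs for the peer on the shared wire
    if host["gateway"]:
        return "gateway"  # off-link: the packet is handed to the router
    return None           # off-link and no route: the host drops it locally


def can_talk(hosts, a, b):
    """Two hosts can converse without a router only if each one
    considers the other to be on-link."""
    return (next_hop(hosts[a], hosts[b]["ip"]) == "direct"
            and next_hop(hosts[b], hosts[a]["ip"]) == "direct")


def reachability(hosts):
    """Map each unordered host pair to whether the two can talk directly."""
    return {(a, b): can_talk(hosts, a, b)
            for a, b in combinations(sorted(hosts), 2)}


def with_changed_config(hosts, name, **changes):
    """Copy of `hosts` with one host's local settings edited.
    Nothing about the wire or the other hosts changes."""
    new = {k: dict(v) for k, v in hosts.items()}
    new[name].update(changes)
    return new


if __name__ == "__main__":
    # As assigned: the two ranges do not see each other as on-link.
    print("as configured:   ", reachability(HOSTS))

    # office-1 misconfigured with a /8 mask: it now treats the control range
    # as on-link and puts frames for it on the wire; replies still fail
    # because control-1 has no route back.
    widened = with_changed_config(HOSTS, "office-1", mask="255.0.0.0")
    print("office-1 sends:  ", next_hop(widened["office-1"], "121.0.0.10"))
    print("control-1 reply: ", next_hop(widened["control-1"], "121.128.0.20"))

    # office-1 given an address from the control range: full two-way
    # reachability, with no change to cabling, hubs or the control hosts.
    readdressed = with_changed_config(HOSTS, "office-1", ip="121.0.0.99")
    print("re-addressed:    ", reachability(readdressed))
```

Nothing on the shared wire enforces the split, which is why other comments in the thread put the boundary in the network itself: physically separate networks, or a firewall between them.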
Shouldn't the state put such a thing in the license of the power company?
Banks in Israel started providing service through the internet about two years ago. The Israeli bank-supervisor forced them to put it on a separate network than the bank interior network. Necessary data connections between the networks are randomly disconnected by a mechanical device. Even developers working in the bank have limited internet access by a slow modem to a secure proxy server (which might make it a crappy job but also a fine place to put your money in).
This is basic stuff, but I guess people care more about their bank account than their electric bill. Let them back to the caves.
slashdot rules!
--- "How to Kiss Ass", chapter twelve.
"That's really amazing on two counts: that there were computers not behind a firewall and it took 17 days to discover," said state Sen. Debra Bowen (D-Marina del Rey), who chairs her chamber's Energy Committee.
:P
Not considering it was a new system. They got victimized, and it sounds like it was a case of lucky best hacker finding a machine open during a portscan. I'd bet the OS was fresh out of the box and configuring for security...they probably were 'gonna do it soon'. So they got busted.
17 days: these things can go unnoticed for lots longer than that. Sounds like they were doing a monthly security audit, and when 'Uh-oh, we gotta big mess to clean up.' That, or they wondered who was running make
...Time is the best teacher, unfortunately it kills all of its students.
Because they want/need the ability to remote control their hardware. OK, you're doing rolling blackouts, you can
;)
1) man a staff to sit by each of the switches and hope they do their jobs properly, and don't, say, blackout their ex-units neighborhood all day
2) Use computers, but string up your -own- pipe. Wait for the project to complete. Explain to taxpayers why this is a multi-million dollar project.
They probably have leased lines and/or use tunneling and encryption for their MC apps, if not their entire network. If not, we'd know about it sooner
...Time is the best teacher, unfortunately it kills all of its students.
I've been trying to download the iso all day!
.oO0Oo.
There are places where the networks are not touching, and there are places where they are - Boeing's Lori Gunter
When this (FERC Rule 888, aka the Mega-NoPR) was being discussed, one of my co-workers fought long and hard to have it on a private network. The powers-that-be, however, thought it was important that every Tom, Dick and Harry Power Marketer should be able to access the system at minimum cost, i.e., via the Internet. *sigh*
Milalwi
Ooops, wrong rule...
This is the correct FERC rule.
Milalwi
What, me worry?
Let's see... a dev machine in front of the firewall but with internal network access... no tripwire, promiscuous ports all over the place... wow. Wish I could do that. Think about it for a second. If everyone set up their machines like this, ...
Run NMAP on your local college's net......Some of the boxes at a certain college around here *cough*GSU*cough* still run the FINGER daemon, for gods sake..
But well, the Chinese hackers already declared war on the american infrastructure. Kinda makes sense, no?
If you drive by your ex wife's house every morning yelling "I'm going to kill you", and one day they find her dead, guess who's going to be on Cops?
Chinese government officials stated about two months ago that the Chinese people were "very angry at the US spy plane situation and many retaliate by attacking US computers"
Two months later we find out that a critical piece of US infrastructure was hacked.
The fact that China is a black hole as far as law enforcement is concerned, and that Chinese authorities tightly control internet access makes it worthwhile to investigate whether or not there is any Chinese involvement.
Conformity is the jailer of freedom and enemy of growth. -JFK
I didn't say anything about military attacks, you ignorant karma whore.
Here is the complete text of my post:
"If the Chinese government is sponsoring these 'hacker attacks', this is an act of war and should be treated like one."
I had assumed that an intelligent human being would be able to reason what exactly the word 'If' means. 'If' implies that some sort of investigation would determine who exactly carried out these attacks.
Since many of the servers originated in China, and Chinese government officials recently stated publicly that 'angry chinese citizens' would likely launch such an attack in the wake of the US spy plane crisis, it stands to reason that the Chinese government may have had some involvement.
I'm glad that you were not attempting to ridicule me, because you completely failed to do so. Instead you displayed your own ignorant knee-jerk reaction to the term 'act of war' by implying that I am some sort of ignorant militarist straight out of The Manchurian Candidate calling for a shooting war with China.
Conformity is the jailer of freedom and enemy of growth. -JFK
I'm sure you won't heel to any argument, but I'll try anyway.
According to the article, the main security report stated that "the main attack was routed through China Telecom from someone in Guangdong province in China"
James Sample, the Computer Security Officer at ISO stated "You don't know where people are really from".
Mr. Sample is certainly correct in stating that the hackers could have appeared from anywhere. But it is rather suspicious that such an attack which COULD have originated in China would occur at the height of a Sino-US diplomatic crisis.
This is especially suspicious given the fact that the article specifically states that "In early May, there were hundreds of publicly reported computer attacks apparently originating from China."
And my government is not feeding me propaganda regarding some imaginary Chinese cabal. The Los Angeles Times is not an agency of the United States government. The ISO is a public authority chartered by the State of California and also not an organ of the Federal Government.
I would humbly suggest that you drop the anti-government conspiracy theories and pay attention to facts.
Conformity is the jailer of freedom and enemy of growth. -JFK
......running windows?
are you suggesting that they don't run an operating system? They probably don't run a traditional operating system, it's a special use machine, and frankly wouldn't benefit from having internet explorer (uh, I mean win2k).
Spring is here. Don't believe me, look outside!
hold the phone --- They have their power lines running all over hell and back, couldn't they just run a small chunk of fiber optic line with it for communication and controls?
Spring is here. Don't believe me, look outside!
Why the hell would important computers which control the power grid be accessible from the internet in any way. I realize everyone wants to look at their porn while they are at work, but bring it on CD god damn it! Repeat after me: Mission critical systems which do not explicitly require internet access should not have internet access or be on the same network as machines with internet access. It's all about which machines can be trusted, and as far as I am concerned, any machine which is accessible from the internet or has internet access is not to be trusted.
Spring is here. Don't believe me, look outside!
Won't somebody please think of the children?!
One simple rule for its versus it's
I grew up a mile away from a nuclear power plant: namely, Three Mile Island. Here in Pennsylvania, we don't cry and whine about how power plants make things dirty and ugly, and then when we run out of power act like Maryland and New York should just give it to us. Go ahead and complain about neighboring states selling it to you expensively, they'll keep on doing it until you produce your own. Why the hell are Californians so damn arrogant they think the rest of the country needs to subsidize their big yuppie homes and yuppie businesses? Forget it. And when you successfully defeat the ANWR oil drilling then come back to complain about high gas prices two years from now, you can fuck off then, too. Jackasses.
If it ain't broke, you need more software.
Gee, I didn't know Cal-ISO was running Linux.
The feds can investigate till they're blue in the face but you ain't going to find any evidence worth a damn by internal investigations... if you really wanted this to be investigated you would have to use the CIA too.
There should be no link between the internet and this, not even people logging in remotely should be allowed to have their computer on the internet at the same time. Preferably no computer which ever had been used to get on the internet should be allowed to access their network... but that's kinda hard to enforce. Still it should be easy enough to ensure that they don't have a truly direct link to the internet, there is just no good reason which justifies the risk IMO.
How do they know hackers did it and it wasn't a bunch of jocks?!? They haven't seen the suspects responsible so how can they blame a specific group? This is like a murder occurring and police saying "Well, no one has seen the suspect but we bet it was a black male aged in his 20s".
-----
Isn't that what the cable modems do? Plenty of noise out there with all sorts of Win9x boxes - course my Linux / CS server got cracked the other day, so I guess I can not cast stones here....
+++ UGUCAUCGUAUUUCU
Let's see... a dev machine in front of the firewall but with internal network access... no tripwire, promiscuous ports all over the place... wow. Wish I could do that. :-)
Think about it for a second. If everyone set up their machines like this, the hackers wouldn't be able to pick out a target amid all the noise! Of course, that would be the end of online shopping, but that's overrated
Shame on the irresponsible people who would so ignorantly play Russian Roulette with the California electrical grid. The power system is dangerous as it is, and the potential exists for real human suffering if it should collapse. No need for more incompetence (on top of the legislators who created the mess in the first place) to help bring the whole thing down. I hope that the person whose machine that was is aware of just how bad they fscked up.
political_news.c: warning: comparison is always true due to limited range of data type
Ok, duffbeer703, you may have a point. I guess I was responding to the brief, abrupt way you were making an if:then statement involving acts of way. Such words are not to be bandied about loosely, even in flamewars.
political_news.c: warning: comparison is always true due to limited range of data type
Er... I meant to say acts of war. I think acts of way would have an entirely different meaning :)
political_news.c: warning: comparison is always true due to limited range of data type
My point isn't to ridicule you, but to strongly encourage you to think before you talk about military attacks. Nobody wins when a country goes to war. The first time somebody dies, everyone loses, simply because we know better, or should.
political_news.c: warning: comparison is always true due to limited range of data type
no no no, the attack came through several servers, one of which was chinese, the others were in the US. They mentioned china, cuz of their political significance
----------
www.shockthemonkey.org
Photos.
People seem to be ignoring the security issues. One cannot be safe enough, and if we don't watch it we will be in the hands of people who can (and maybe will) shut down entire cities, only because they can. Imagine an army of crackers attack a single nation in an attempt to knock out the power grid prior to a traditional attack. Freaky.
I smell civil war... maybe they are gangsters in Nevada trying to push their plans on the state?
Maybe it's Texas and Oklahoma, they are planning to annex with Mexico and take Cali with them.
Which is fine with me, I live in Ohio.
Get your Unix fortune now!
As others have explained to you in this thread, the use of a server in China implies nothing about the Chinese government. If a Chinese hooker gives you the clap, do you blame Beijing?
But what does deserve scrutiny is why we've even been told that a Chinese server was used. Given the recent contretemps over US spying, you might use a bit of imagination and ask why your own government might like you to reach the kneejerk conclusion that you so ploddingly have.
Well, I've read the article and the posts up till now, and am surprised that nobody else caught this...
Right after it says this:
In what may have been the most significant lapse, the system being developed was not behind a firewall, a security element designed to keep out those who are not entitled to access.
Additionally, so-called tripwires that might have alerted agency security personnel to the unauthorized entry were nonexistent. Nor were there logs within the system that might have identified users entering the system as the infiltration was occurring, the report notes.
Sample, the security engineer who wrote the report, downplayed the potential threat and says:
The attack was "something that we've been anticipating."
Hmmmm....
They must have some "hot shot" security experts working there I guess...
I wonder what their security was like before they anticipated the compromise?!!!
If it don't GO... chrome it. ~ Frank Banks
Now the Californian can blame *someone* for their power problems.
--
Two witches watch two watches.
--
Two witches watched two watches.
Which witch watched which watch?
I happen to know for a fact that there are still Chinese hackers carrying on attacks against US computer systems. I can't give the details but I know of some systems that are still under attack.
"If there is nothing you are willing to die for, then you are not really alive." Myself
If the Chinese government is sponsoring these 'hacker attacks'
I simply cannot believe how thoroughly brainwashed Americans seem to be. I hope that it is only a minority. If it is, it is certainly quite a vocal minority.
If the statement was "GODDAMN COMMIE OPPRESSORS TRIED TO HAX0R OUR POWER! WHERES MY GUN
Actually that's essentially how the statement sounded. I'm sorry if you're too subjectively involved to see the situation from an objective, outside perspective.
oh, how pathetic..
i can see you're the kind of person who gets their rocks off saying 'tough shit' to people when something unfortunate happens... presumably because of the false sense of superiority it gives you. i bet you laugh at people in the southeast when a hurricane comes through, saying 'oh, they should've built their house somewhere safe. like where i live, in my parents' house'.
presumably, you are perfect, and i'm sorry if i and most of the other people you meet in the course of your day fail to see that. but the ignoramuses in this group - myself included - may feel that life is complex, and that sometimes don't work according to some little rulebook of 'how things should work'.
let's see how profitable power is... in line with your simplistic capitalist arguments, i could say 'if producing power wasn't profitable enough, people would go into other industries... like making steel'. interestingly enough, there are steel plants in the northwest that have ceased production, and are selling power full-time to california because they are able to sell it as several hundred times the market price.
anyway, keep yelling tough shit, because no matter where you live, power shortages aren't going to be too long in arriving...
A: None. The Universe spins the bulb, and the Zen master merely stays out of the way.
Look, right now, all you have to do is fiddle a little, see what is working, then try to find something called Telnet and Go !
It's not that much, but think how far those chineses are ready to go to be sure they beat California Q3 contest....
AND :
If you are running something critical without you own generator, you deserve to be shot 8(
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Part of what is killing Linux to newbies (newbie hackers, I mean, not newbie button clickers, which is another matter) is the default closing of all the 'holes' in commonly available Linux distributions.
Four years ago when I was first fiddling around learning how to Network computers together (on my mass of cast-off 386sx systems and ancient 3c501 and 3c503 cards) it was easy just to get stuff like NFS up and running Samba was wide open, friendly and it was trivial to throw together a bunch of boxes in the basement to start playing with networking.
These days everything is locked up as tight as a steel drum by default. The hassles inherent in getting any machines to interoperate are far greater than they used to be.
It's really a shame, in a way, because it used to be so cool just to throw Slackware on a bunch of boxes and start playing.
My point isn't that it's any harder for someone 'in the know' to get a network up and running. It's that everything is newbie-hostile these days, not newbie-friendly like in the olden times.
Nobody said that liberals and 'progressives' had to use logic in their arguments. I mean, look at the bleating masses who follow them. Logical argument? Pshaw!
"Paint a sign and let's go chant more slogans."
Then how come we (USA) put such stringent embargoes on food imports to Iraq? They don't affect the high command - heck no - but they starve the citizens on the streets. If this is "right", what's wrong with attacking a power grid? And if it isn't right, why are we doing it?
I'm the stranger...posting to
One of several servers through which the attack was routed was located in China. Big deal. They could have routed through a server in Zaire or Sweden or any country you care to name, ping permitting. The geographical location of a server does NOT imply the complicity of any particular government. You might as well say we should investigate the possibility of a chinese conspiracy because the crud sound system you bought was built in china.
/.ers nuked Beijing as "retaliation". You never know who has a /. account, after all...
Just wanted to make sure no
I'm the stranger...posting to
I don't know if this is what happened in this case, but a lot of computers in my school that have "mission-critical information" (gradebooks, student records) do not need to be on the Internet for any reason, but are on the same network as computers that are. The reason for this is simple: We have only a limited number of hubs, and there simply aren't enough to maintain two entirely separate networks. Since the gradebook boxes do have to talk to each other, that means they have to share hubs with Internet machines. Could that be what happened in California?
I'm the stranger...posting to
Silly opportunists in California. You elected democrats to ru(i)n your State -- now you blame Bush (and the Chinese?) for your problems.