Cal-ISO Breach Revealed
HiredMan writes: "The LA Times says in a story that 'hackers' had penetrated the Cal-ISO, the California electric grid parent company, and were attempting to compile code to allow them to penetrate the 'firewalls' to access the actual grid control computers. Apparently the 'hackers' -- who came through a Chinese server -- breached a development computer that wasn't hardened and the intrusion went undetected for over two weeks until the intruders brought too much attention to themselves. Trying to downplay the incident one official said, 'It was a compromise, not really an attack.'" An anonymous reader pointed to coverage at MSNBC as well.
So, if you hack into a power company's computer, you could reboot everyone else's systems
--
Mod up a post Rob doesn't like and you'll never mod again
Necessary data connections between the networks are randomly disconnected by a mechanical device. Even developers working in the bank have limited internet access by a slow modem to a secure proxy server (which might make it a crappy job but also a fine place to put your money in).
Randomly? Do they randomly deposit money in their customer accounts as well?
oh come on! I have never heard such clap trap - Do you have a URL, rather than these weird urban legend approaches to network security?
slow modem? They use modems? Banks? I just can't believe it. I've seen the network installations of many financial institutions and there were very few modems - plenty of switches, firewalls and routers though.
On one hand, I'm supposed to ignore California's energy problems. But I'm supposed to be hard on any Chinese retaliation against us. Damn, and Cheney took the weekend off. Umm. I know! I can call for more spy satellites! It'll justify my higher defense budget, and they're made in California, so the Cali's will be using more energy, which puts money back into Texas! Win-win!
Kevin Fox
You know, I seem to recall the US bombing the shit out of Serbian power infrastructure...
Cracking Power Grid = bad
Putting 5000 pound bomb on the generators = good
Hmmm.
If you were me, you'd be good lookin'. - six string samurai
This is disturbing because even if China was at war with the US this would not be an honourable attack. From this paper:
Since a control system is the portion of the electrical grid most vulnerable to computer network attack, and since it disrupts the transmission and distribution systems serving all consumers, such an attack is indiscriminate except in one isolated, hypothetical case. If it were possible to disrupt only the electricity to those targets which are proper for iron bombs (e.g., military facilities and defense industry targets making only war materiel), then, and only then, would such an attack be discriminate. Until such a capability exists, however, one must assume that an attack on electrical power facilities is an attack on noncombatants, including facilities such as hospitals, specifically excluded from attack by numerous treaties.
The widespread effects of electrical grid attacks are so devastating to a modern society that they are neither humane nor proportional to the military effect achieved. Iraq's experience after the Gulf War is an example. Neither water treatment plants nor sewage treatment plants were operational due to the long-term electricity outages. These combined to produce a major health crisis. During the year after the Gulf War, some estimates linked as many as 70,000 to 90,000 Iraqi deaths to the higher-order effects of life without electricity.[26] In Iraq, the outages were long-term in nature because the large, obvious generator halls were a favorite target of allied airmen, and these are more time-consuming and expensive to repair than distribution yards.[27] The efficacy of these attacks also has been called into question because many, if not most, military targets have backup power from dedicated generators, making them independent from the public power utilities. Thus, evidence from past wars suggests that air attack of electricity grids produces only a limited effect on the outcome of a conflict.[28] In such a scenario the military advantage would not outweigh the harm to civilians from reduced hospital capacity, diminished agricultural capacity, and reduced medical refrigeration capability. Indeed, "customary law" protects foodstuffs, crops, and medicines during time of war.[29] Attacking the political stability of an enemy by cutting off his electricity clearly is devastating to the civilian population and thus bears no resemblance to a discriminate attack.
The fedz are right to call these punks "terrorists."
How we know is more important than what we know.
All is fair in war no matter what your own beliefs are. Lest we forget how the "fedz" tried to hire a Russian hacker to infiltrate the Russian Federal infrastructure.
http://www.wired.com/news/politics/0,1283,42998,00.html
So if it was some Chinese hackers so be it; on the other hand, what makes you think this couldn't be something like the government falsely reporting to bring up animosity amongst Americans towards Asians in case they wanted to wage a war? I suggest you read what they had planned for Cuba before you think the feds are so fine and glorious.
Get real, no one knows truly what happened yet, and I'd be skeptical to jump the gun and believe the first thing written about the whole case. And as for your "fedz have the right to call these punks terrorists" you better wake up and smell the coffee there; if you're not 100% pro government including all of their FUD/Errata/Schemes [1, 2] then you're considered just as much a terrorist as anyone else.
Want Root?
They do indeed have their own fiberoptic capacity. Plus there are indeed methods and equipment to carry control signals on the lines themselves. All the data that you mention is available from servers specifically set up to supply it; these servers have no ability to generate control signals, that (AFAIK) is done with separate equipment. So other than the compromise of operating data, I don't see what else could have happened. I admit I'm probably ignorant. But I'm looking at a grid display right now, and I'm an authorized person, and *I* can't cause anything to actuate even if I wanted to. The data display stuff is simply not set up to do that. But like I said I'm most likely ignorant of all the clever ways to get around stuff. Sigh.
Of course, if they'd succeeded in California chances are no one would have noticed.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Shouldn't the state put such a thing in the license of the power company?
Banks in Israel started providing service through the internet about two years ago. The Israeli bank-supervisor forced them to put it on a separate network than the bank interior network. Necessary data connections between the networks are randomly disconnected by a mechanical device. Even developers working in the bank have limited internet access by a slow modem to a secure proxy server (which might make it a crappy job but also a fine place to put your money in).
This is basic stuff, but I guess people care more about their bank account than their electric bill. Let them back to the caves.
slashdot rules!
--- "How to Kiss Ass", chapter twelve.
Why the hell would important computers which control the power grid be accessible from the internet in any way? I realize everyone wants to look at their porn while they are at work, but bring it on CD god damn it! Repeat after me: Mission critical systems which do not explicitly require internet access should not have internet access or be on the same network as machines with internet access. It's all about which machines can be trusted, and as far as I am concerned, any machine which is accessible from the internet or has internet access is not to be trusted.
Spring is here. Don't believe me, look outside!
There should be no link between the internet and this, not even people logging in remotely should be allowed to have their computer on the internet at the same time. Preferably no computer which ever had been used to get on the internet should be allowed to access their network... but that's kinda hard to enforce. Still it should be easy enough to ensure that they don't have a truly direct link to the internet, there is just no good reason which justifies the risk IMO.
My point isn't to ridicule you, but to strongly encourage you to think before you talk about military attacks. Nobody wins when a country goes to war. The first time somebody dies, everyone loses, simply because we know better, or should.
political_news.c: warning: comparison is always true due to limited range of data type
no no no, the attack came through several servers, one of which was Chinese, the others were in the US. They mentioned China, cuz of their political significance
----------
www.shockthemonkey.org
Photos.
Now the Californians can blame *someone* for their power problems.
--
Two witches watch two watches.
--
Two witches watched two watches.
Which witch watched which watch?