Slashdot Mirror


Satellite Views Of The Blackout

An anonymous reader writes "These Before and After satellite views of the blackout, from the NOAA, show the geographic extent and intensity of the outage. Toronto, Ottawa, and Detroit seem the worst hit. Currently, a CNN article mentions that a reverse of power flow around Lake Erie may have caused an overload that triggered the programmed shutdown of the power grid. Would be interesting to know how the system and software works, but then again, that information could be dangerous in the wrong hands."

8 of 411 comments

  1. Dangerous in the wrong hands? by bc90021 · Score: 5, Interesting

    If a private citizen were to show the interconnections of the power grid on their website, what would happen? How long would it be before the government ordered him/her to remove that information in the interest of "National Security"? Why is it that CNN can show it freely? A similar map was being broadcast on TV all morning.

    And as for how the software works, it would be interesting to know just what OS the power company computers were running. Not to sound like a conspiracy theorist (well, ok, that's exactly what I'm trying to sound like ;) ) as soon as there were variants on the Blaster worm, a large section of the power went out? Hhhmmm...

    1. Re:Dangerous in the wrong hands? by weave · Score: 5, Interesting

      Some people on bugtraq are already speculating that the Blaster worm may have had something to do with it...

      Got me if it's true. I'm not up on that stuff. Made for some interesting reading though! :)

    2. Re:Dangerous in the wrong hands? by TimTheFoolMan · Score: 4, Interesting

      This is almost funny, were it not something that has affected so many people in a serious way. My group works with OPC systems every day (doing integration work between various BAS systems and 3rd party products), and one of my biggest concerns with OPC is when we're forced to deploy it via DCOM.

      By definition, OPC uses COM for local (within the same PC) client/server interaction, and DCOM for client/server interaction across a network. The setup, connect, and disconnect issues surrounding DCOM have spawned an industry within the OPC industry for working around these issues.

      For example, some OPC servers require "remote registry browsing." This means exactly what it sounds like. My computer browses the registry of your computer so I can find out what OPC servers you have installed. In one of its better moves, Microsoft told the OPC foundation that future versions of Windows would restrict remote registry browsing, so they've come up with various solutions. However, some older servers still require this for server browsing, and some companies (ahem) are perfectly OK with it!

      Last week, I exchanged e-mails with another engineer who suggested that because my group wanted to avoid DCOM security issues, it must be because we weren't technically savvy enough to do so. I'm on the other side wondering why he's willing to put the customer's system at risk.

      Now, back to reality, W32.Blaster attacks a machine using remote procedure calls, and OPC uses RPC to perform client/server data transfer. While setting up a network to facilitate OPC *may* not inherently make it susceptible to W32.Blaster, it may, depending on how Blaster actually works (I don't know enough about it to say one way or the other).

      In short, I'm not ready to point the finger at OPC for the blackout, but it wouldn't surprise me to find that many places that implement OPC using DCOM have been hammered by W32.Blaster. The very settings that make it easy to make OPC/DCOM work correctly open their systems up to all sorts of nasty things once a rogue program is running on one of them.

      OPC/DCOM (as typically implemented) represents a serious "trust relationship," and most companies don't make process control PCs part of an NT domain. As a result, setting up launch/access/config permissions becomes a tricky and error-prone matter of managing account names and passwords from other PCs. Since managing those becomes a distributed nightmare, many places unwisely don't force those machines to abide by password policy, and (even worse) use simple password & username combos.

      This should sound like a recipe for disaster.

      Tim

      P.S. I sincerely hope that RPC and the W32.Blaster had *nothing* to do with the blackouts, but I doubt that most of the public will ever know. The insiders will most certainly not let out the details if it did.
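
A read-only audit of the settings the comment above describes (machine-wide DCOM, remote registry access, domain membership and local password hygiene), as an added example that is not part of the original post or of any OPC vendor's tooling. It assumes Windows PowerShell 5.1 or later, run locally with administrative rights on the process-control PC.

```powershell
# Added example: read-only checks, nothing is changed on the host.
$findings = @()

# 1. Machine-wide DCOM switch and default authentication level.
$ole = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Ole' -ErrorAction SilentlyContinue
if ($ole.EnableDCOM -eq 'Y') {
    $findings += 'DCOM is enabled machine-wide (EnableDCOM = Y)'
}
# LegacyAuthenticationLevel 1 means "None": calls are accepted unauthenticated.
if ($ole.LegacyAuthenticationLevel -eq 1) {
    $findings += 'Default DCOM authentication level is None'
}

# 2. "Remote registry browsing" relies on the RemoteRegistry service.
$rr = Get-Service -Name RemoteRegistry -ErrorAction SilentlyContinue
if ($rr -and ($rr.Status -eq 'Running' -or $rr.StartType -eq 'Automatic')) {
    $findings += "RemoteRegistry service: status $($rr.Status), start type $($rr.StartType)"
}

# 3. Standalone (non-domain) machines manage every account locally.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    $findings += 'Host is not domain-joined: DCOM permissions depend on local accounts'
}

# 4. Enabled local accounts that sit outside password policy.
foreach ($user in (Get-LocalUser | Where-Object { $_.Enabled })) {
    if (-not $user.PasswordRequired) {
        $findings += "Local account '$($user.Name)' does not require a password"
    }
    if ($null -eq $user.PasswordExpires) {
        $findings += "Local account '$($user.Name)' has no password expiry set"
    }
}

if ($findings.Count -eq 0) {
    'No findings.'
} else {
    $findings | ForEach-Object { "[!] $_" }
}
```

Per-application launch and access permissions are stored as binary security descriptors and are best reviewed in `dcomcnfg`; this script only covers the machine-wide settings.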

    3. Re:Dangerous in the wrong hands? by Dr. Manhattan · Score: 5, Interesting

      How many died in this, the biggest outage in the US for decades? A half-dozen.

      You don't target the plants. You hit the high-voltage transformers. They step down the power from the high-voltage long-distance power lines to the local transmission lines. There's only ~3000 in the whole United States. They're not made domestically and there's an 18 month lead time on manufacture.

      You pick a municipality, e.g. New York. You get ~20 men, armed with automatic weapons and explosives. They start ~1am, and go around taking out HVTs. You have four groups; the first two hits each group makes (maybe more) meet no resistance at all, there's no security on these things beyond a padlocked gate.

      By the time people realize that a coordinated attack is going on, and get armed guards capable of fighting off automatic weapons placed around the remaining HVTs, at least 30 of them are down. Restoring power takes weeks, possibly a couple of months. Imagine what that'd do to, e.g., Wall Street.

      Now, imagine one of those four groups, instead of targeting HVTs, targets water mains instead. You now have a very large region without power or water. That requires a massive support effort, possibly even refugee camps. Picture the economic impact.

      Pick two widely separated regions (e.g. New York and, I dunno, Dallas, Texas (they're even more dependent on water and power for survival there than most)) and you halve the damage to each one but more than double the chaos.

      The only weird thing is why something like this hasn't happened yet.

      --
      PHEM - party like it's 1997-2003!

  2. Wrong hands? by saitoh · Score: 4, Interesting

    And you're telling me that publicising a blackout's cause as being one grid station, and then showing how it's brought half of the northeast practically to a halt for a day or two isn't information in the wrong hands?

    I'm just waiting for some half-baked terrorist to whack off a couple of power grids now... Then our excuse of an administration will want to inspect everything about power right down to the electrons because of "national security"... ;-p

    On a larger note, I'm surprised that nobody has really taken it seriously that there are other things in America than commercial airplanes that can bring this nation to its knees (like power, water, lack of a Starbucks...)

    --
    We don't need an "overrated" so much as we need a "you completely missed the parent's point, dumbass..."

  3. North Korea by Eric Sharkey · Score: 4, Interesting

    Somehow, even during the blackout, it doesn't look as bad as North Korea on a normal night.

  4. Re:Ridiculous by dkemist · Score: 4, Interesting

    Using obscurity as the sole means of security is a bad thing. However, using obscurity as another layer of an already hardened system isn't a bad thing, and would in fact be encouraged.

    For a quick example, I'm sure the NSA has all sorts of crazy security measures (both physical and virtual) around some of their sensitive systems. Do they publish the specs to the security methods? No, they hide them as much as the secrets they protect. But if the specs were to be revealed, the security itself probably isn't compromised. The obscurity is just another layer on top of an already tight system.

  5. Dangerous in the "right" hands? by jc42 · Score: 4, Interesting

    "Would be interesting to know how the system and software works, but then again, that information could be dangerous in the wrong hands."

    Well, maybe, but if it can be kept secret by the authorities, they'll just "explain" it with reassuring PR, while not bothering to do any real fixes to the problems.

    A lot of us have had far too much experience with big organizations to believe that secrecy will lead to solving the problems. The right way to prevent such things is to make the entire system public information. Then independent engineers can study it, point out the weakness, and suggest solutions, without worrying about losing their jobs if they go public with the bug reports.

    (Hmmm ... This sounds a lot like the explanations of why Open Source software is so much more secure and reliable than proprietary software. ;-)

    --
    Those who do study history are doomed to stand helplessly by while everyone else repeats it.