Slashdot Mirror


Hackers Have Infiltrated the US Power Grid's Control Networks (lasvegassun.com)

davidwr writes: A security researcher and the Associated Press are reporting that hackers have infiltrated many of the United States' power grid networks. "About a dozen times in the last decade, sophisticated foreign hackers have gained enough remote access to control the operations networks that keep the lights on, according to top experts who spoke only on condition of anonymity due to the sensitive nature of the subject matter." Exfiltrated data included engineering plans and other non-public information that could aid an attacker later, as well as account credentials. Multiple companies were affected, but one of the more notable ones was the energy provider Calpine. "Circumstantial evidence such as snippets of Persian comments in the code helped investigators conclude that Iran was the source of the attacks. Calpine didn't know its information had been compromised until it was informed by Cylance, Kerr said."

129 comments

  1. Karma is a bitch by nospam007 · · Score: 1

    I guess that's payback for the centrifuge hacks the US did on them.

    1. Re:Karma is a bitch by phishybongwaters · · Score: 4, Interesting

      The US? I think you mean Israel and the US. When we found Hebrew in the code it certainly didn't come from Jewish Israelis but when we find Persian in there it's definitely the Iranians.

    2. Re:Karma is a bitch by Joe_Dragon · · Score: 1

      and all it takes is a nuke to really mess up the power grid.

    3. Re:Karma is a bitch by fustakrakich · · Score: 2

      Well, speaking of Israelis, they have a much longer history of spying, etc against the US than Iran. This story sounds more like regular war time propaganda

      --
      “He’s not deformed, he’s just drunk!”
    4. Re:Karma is a bitch by Anonymous Coward · · Score: 0

      When we found Hebrew in the code

      Chillax, it's just lousy PHP and PAAMAYIM NEKUDOTAYIM.

    5. Re:Karma is a bitch by Tough+Love · · Score: 1

      Let me get this straight, you equate nuclear bomb production with civilian power generation?

      --
      When all you have is a hammer, every problem starts to look like a thumb.
    6. Re: Karma is a bitch by Anonymous Coward · · Score: 0

      I believe he's stating the truth that a nuke will cause an employee blast that will destroy most electronics outside a Faraday cage. The nuke industry is poorly prepared for cyber espionage although the executives say differently.

    7. Re:Karma is a bitch by bev_tech_rob · · Score: 1

      Probably just being a dick, actually.....

      --
      You're messin' with my Zen Thing, man.....
    8. Re:Karma is a bitch by Anonymous Coward · · Score: 0

      Oh, so it's OK for the Iranians to hack our power plants and possibly kill innocent folks (shutting down respirators and other critical infrastructure), but NOT OK for us to hack their nuclear BOMB making centrifuges that they could use to create WMDs and kill even MORE innocent people around the world? SMH.......someone always gotta axe to grind....

    9. Re:Karma is a bitch by Etherwalk · · Score: 1

      and all it takes is a nuke to really mess up the power grid.

      Hackers are cheaper than nukes.

    10. Re: Karma is a bitch by Anonymous Coward · · Score: 0

      Hi. 'Cause other comments, check out the book "Countdown to Zero Day." It's wicked informative and an overall interesting read.

    11. Re: Karma is a bitch by Anonymous Coward · · Score: 0

      Those centrifuges were being used to create electricity... there was no evidence they were being used to make weapons.

    12. Re:Karma is a bitch by cold+fjord · · Score: 1

      Well, speaking of Israelis, they have a much longer history of spying, etc against the US than Iran. This story sounds more like regular war time propaganda

      It is somewhere between highly unlikely and impossible for Israel to have a longer history of spying on the US than Iran. Iran has existed since long before the US came into existence whereas Israel only dates from the late 1940s, around 66 years. Iran has a 160 year head start, give or take. It seems pretty likely the Iranians (Persians) would have heard about the US Navy and Marine Corps fighting the Barbary states and would have had an interest.

      Are you just repeating anti-Israel/anti-Jewish propaganda you heard somewhere?

      By the way, I'm intrigued by the reply you left here. Exactly what "propaganda" do you think I've "swallowed?" Do you think suicide bombers don't exist? Or do you think they do it for the money (that they can't spend)? Please expand upon that. I'm curious as to what you think their motivation is if it isn't ideological in nature or based on their religious belief? Or is that a throw away comment since you're out of good arguments and the facts are against you? Do you really think there is no such thing as idealism, and that people wouldn't sacrifice for their strongly held beliefs?

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    13. Re:Karma is a bitch by fustakrakich · · Score: 1

      Please expand upon that. I'm curious as to what you think their motivation is if it isn't ideological in nature or based on their religious belief?

      Gee! You tell me! Abu Khaled, like other ISIS members, was paid $100 per month, in U.S. greenbacks, not Syrian lira, despite the latter being the coin of the realm in al-Bab. Currency exchange houses exist in the city where ISIS employees can take their salaries for conversion, although they scarcely need to, given the freebies that come with ISIS employment.

      "I rented a house, which was paid for by ISIS," Abu Khaled told me. "It cost $50 per month. They paid for the house, the electricity. Plus, I was married, so I got an additional $50 per month for my wife. If you have kids, you get $35 for each. If you have parents, they pay $50 for each parent. This is a welfare state."

      "This is why a lot of people are joining," said Abu Khaled. "I knew a mason who worked construction. He used to get 1,000 lira per day. That's nothing. Now he's joined ISIS and gets 35,000 lira—$100 for himself, $50 for his wife, $35 for his kids. He makes $600 to $700 per month. He gave up masonry. He's just a fighter now, but he joined for the income."

      But then, there is trouble in paradise ...Three years ago IS was paying several hundred dollars a month more than al-Qaeda and other rebel outfits.

      And I hope you're getting paid for your work doing your little propaganda thingy here, too. I mean, after all, it is working for the most part. So, keep up the good work, I guess....

      As far as the spying, Israel has 'em beat by far, but I'm sure more people believe you than me, so of course, you win the internet

      --
      “He’s not deformed, he’s just drunk!”
  2. Not too difficult by RobinH · · Score: 5, Informative

    This isn't too difficult. A couple years ago you could go to Shodan, search for well-known industrial automation equipment providers like Phoenix Contact, and try to find their devices with embedded web servers that someone has connected to the internet. Start clicking on IP addresses. Make sure you don't mess with anything you find. One interesting find was some of the big windmill turbines with real-time monitoring and everything. People installing this stuff really don't understand what they're doing.

    --
    "I have never let my schooling interfere with my education." - Mark Twain
    1. Re:Not too difficult by Anonymous Coward · · Score: 0

      Securing the device is probably a value-added service that most customers opt out of. Why do it for free?

    2. Re:Not too difficult by khasim · · Score: 4, Insightful

      That's one of the reasons why I'm having trouble believing TFA. There isn't much skill needed to crack most organizations I've seen.

      Anyway, from TFA:
      1. Guy working on thing for A notices that A has been cracked. ok
      2. Guy tracks crack back to open FTP servers. ok
      3. Guy finds lots of other stuff on open FTP servers. ok
      4. Guy does magic to find next time malware attacks someone. um, not ok

      Before Wallace could dive into the files, his first priority was to track where the hackers would strike next - and try to stop them.

      He started staying up nights, often jittery on Red Bull, to reverse-engineer malware. He waited to get pinged that the intruders were at it again.

      Months later, Wallace got the alert: From Internet Protocol addresses in Tehran, the hackers had deployed TinyZbot, a Trojan horse-style of software that the attackers used to gain backdoor access to their targets, log their keystrokes and take screen shots of their information. The hacking group, he would find, included members in the Netherlands, Canada, and the United Kingdom.

      So Iranian "hackers" in Canada deploy malware via Tehran servers?

      And unless he uploaded a hacked version of their malware to those cracked FTP servers ... how did he know?

      Maybe he moved one of his cracked machines to a "honey-net"?

      But then, why would any competent crackers deploy from servers in Iran? Particularly if they live in Canada and elsewhere?

      This reads more like fear-mongering. IRAN IS ATTACKING US! BE AFRAID! EVIL IRANIANS! (and some canadians).

    3. Re:Not too difficult by aaarrrgggh · · Score: 3, Insightful

      Really it is a lot more complicated than that. I was speaking to a vendor last week, and asked about how they do spanning tree within their system for redundant network links to their engine controllers. "Oh, we program a couple little DIN rail switches ourselves and provide a single network handoff to the building." While I am sure they can figure out the basics, security is hard enough that without dedicated people and systems you aren't going to defeat a committed attacker.

      Solid security is very hard when dealing with any kind of interconnected system. It gets even harder when you need different systems to have their own IOT crap without RADIUS authentication or the like.

    4. Re: Not too difficult by mSparks43 · · Score: 1

      great to see the NSA keeping the USA safe.
      I mean it's not like they have been actively thwarting any of the efforts to keep this stuff secure.

      you know.

      like having the documents securely encrypted.

      nah. only terrorists need stuff like that.

    5. Re: Not too difficult by mSparks43 · · Score: 1

      I'd say by getting access to and monitoring the c&c servers. probably on an Irc channel.

    6. Re:Not too difficult by currently_awake · · Score: 1

      We need someone (the Government?) to do things right, then everyone else can just copy the template. It's a pity the NSA has abandoned their duty to defend America so they can spend all their time spying on people.

    7. Re:Not too difficult by cold+fjord · · Score: 1

      That's one of the reasons why I'm having trouble believing TFA. There isn't much skill needed to crack most organizations I've seen.

      khasim, I find your thinking on this highly curious: It's easy to hack in there, so the Iranians didn't do it?

      Easy to hack critical infrastructure of a country that they call an enemy, one they have aided violent attacks against, ... and they wouldn't do this why? Do you think they just aren't looking, or are somehow insulted by the possibility of an easy and highly damaging attack as being beneath their honor?

      Why would it surprise you that someone engaging in hacking investigations wouldn't openly describe all details of how they traced hackers engaging in harmful activity? Surely you recognize that could enable them to better cloak themselves in the future if they knew how they were being tracked or tricked?

      Iran has attacked US forces, and directly aided in attacks that have killed hundreds or thousands of Americans. They are one of the chief state sponsors of terrorism in the world. You seem to be both dismissive of that and more or less defending Iran vis, "This reads more like fear-mongering. IRAN IS ATTACKING US! BE AFRAID! EVIL IRANIANS! ". Is there some reason for that?

      Give Iran its due. There are many highly intelligent, capable, and dangerous people being used by the extremist Iranian government to target the US and many of its friends and allies. The behavior of the Iranian government terrifies most of its neighbors who are now making large purchases of military equipment to defend themselves against Iran. Iran has been involved in other hacking activity before, and there is nothing about the possibility of preparing for an easy attack on critical US infrastructure that would be out of character for them.

      Oops, they did it again.

      Iran violated sanctions with missile test, says UN panel

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    8. Re:Not too difficult by Anonymous Coward · · Score: 0

      While I am sure they can figure out the basics, security is hard enough that without dedicated people and systems you aren't going to defeat a committed attacker.

      It isn't that hard. DON'T CONNECT THE FUCKING THING TO THE PUBLIC NETWORK DUMSHIT!!

      There is no reason the power grid network cannot be run on a closed network. The only reason to connect to the Internet is so dumb shit manager and "look" at the grid from home. If I mean When the grid gets hacked the fault lies with the dumb shit that connected it to the Internet. The best defense from getting hacked can be said in two words.... AIR GAP.

      From your friendly Pen Tester.

  3. It's your Monday morning FUD report! by kheldan · · Score: 0

    Good morning, Slashdotters! We sure don't want your ambient fear level dropping (because your higher reasoning abilities might actually start functioning at 100% again if they do), so this is your Monday morning FUD report! See your tax dollars at work? Remember, you're here forever!
    .
    .
    .
    .
    .
    .
    *facepalm*

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
    1. Re:It's your Monday morning FUD report! by Anonymous Coward · · Score: 0

      You ever notice how some people can't help but make idiotic sweeping generalizations, lash out with what they hope are trigger words, and in general appeal to emotions rather than reason?

      Of course not. You're too busy doing all that.

    2. Re:It's your Monday morning FUD report! by FatdogHaiku · · Score: 1

      Wait, my tax dollars are WORKING?
      Dammit, they had an 11:15 tee time...

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    3. Re:It's your Monday morning FUD report! by Anonymous Coward · · Score: 0

      Also, I've noticed a couple of you have slipped back into being able to concentrate on your work and somehow managed to control your bowels, which means I have no choice but to terrify you by ratcheting up the alert level a couple of notches to... Blackwatch Plaid!

    4. Re:It's your Monday morning FUD report! by bev_tech_rob · · Score: 1

      Awesome! Where are my mod points when I need them???

      --
      You're messin' with my Zen Thing, man.....
    5. Re:It's your Monday morning FUD report! by Sardaukar86 · · Score: 1

      Dammit, they had an 11:15 tee time...

      Sounds to me like a perfectly reasonable time to kick off a round of golf. Your money needs time off too!

      --
      ..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
  4. I call BS. by mea2214 · · Score: 2

    Anonymous so called "experts" and all these examples read like a plot from the TV show "24" lead me to a hypothesis that this story is complete and utter BS or more likely propaganda to increase some governmental budget that benefits from cyberwar funding.

    1. Re:I call BS. by bobbied · · Score: 1, Interesting

      Anonymous so called "experts" and all these examples read like a plot from the TV show "24" lead me to a hypothesis that this story is complete and utter BS or more likely propaganda to increase some governmental budget that benefits from cyberwar funding.

      This is EXACTLY what this is.

      Power companies may have exposed some of their automation equipment inadvertently, but in general they totally understand the risks here and are taking steps to be careful. They usually don't use internet control to stuff anyway, given the internet's propensity to not be operational when there are power issues. I'd bet that some monitoring happens over internet connectivity, but I'll be willing to bet this is behind reasonable levels of encryption and it doesn't really matter to the safe operation of the system, only the efficient operation of it.

      Rest assured that, at least in North America, your electric providers don't have their proverbial pants down network wise. The internet, at least locally, is not very reliable so the power distributors have their own networks and back channel routes they use to manage their distribution networks.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:I call BS. by NoNonAlphaCharsHere · · Score: 1

      ...or more likely propaganda to increase some governmental budget that benefits from cyberwar funding

      ...or more likely propaganda to increase some military/industrial/security contractor's budget that benefits from cyberwar funding

      FTFY

    3. Re:I call BS. by angel'o'sphere · · Score: 4, Informative

      You are wrong on all regard and have no clue what the 'internet' is.

      given the internet's propensity to not be operational when there are power issues
      As long as the power plants run, the IP networks connected to it run. If there is any rest of the internet alive is irrelevant.

      Power companies may have exposed some of their automation equipment inadvertently, but in general they totally understand the risks here and are taking steps to be careful.
      Yes and no, in general the traffic is simply not routed into the public internet.

      but I'll be willing to bet this is behind reasonable levels of encryption and it doesn't really matter to the safe operation of the system, only the efficient operation of it.
      And you would lose that bet.

      The internet, at least locally, is not very reliable so the power distributors have their own networks and back channel routes they use to manage their distribution networks.
      No idea what you mean with reliable. Yes, they have their own communication lines. They power them themselves and have fallback power. They run them on IP, or TCP/IP or on proprietary protocols. They are connected to the company's WAN usually, but usually not routed into the public internet.
      They are mostly not used to control, but to monitor. Power plants and the connections to transportation grids are run _manually_ like on a Carrier where there is a captain, there is dispatcher on a power plant. However one dispatcher might control several plants, so he has those under remote control and is steering them with IP protocols.
      The machinery that connects a plant to a grid, is controlled from plant side. Usually on a manual command given at that side. There is usually no way at all to disconnect a plant remotely from a grid. Or to connect it to another one.
      The information that at a certain time the plant should change its output or its grid connection might be sent via internet technologies, the execution is done manually, and trust me: the people doing that usually have enough clue to know if such an 'order' makes sense (or not).

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    4. Re:I call BS. by Anonymous Coward · · Score: 1

      They are mostly not used to control, but to monitor. Power plants and the connections to transportation grids are run _manually_ like on a Carrier where there is a captain, there is dispatcher on a power plant.

      Remember that falsifying monitoring data is sufficient to cause human actors to make some really bad decisions, which the "manual control" will do nothing to mitigate.

    5. Re:I call BS. by Puls4r · · Score: 1

      You are 100% wrong.

      A great majority of manufacturing systems that live in power plants are built on old platforms. Windows 3.1 and Windows XP abound. These systems are widely connected by standard ethernet connections to information systems that the engineers monitor. These reside on servers that are hooked to the same network as the IP phone systems, all directly linked by fiber-optic lines to the internet.

      In other words, you have a bunch of horribly outdated non-virus / malware protected systems running on OS's without built-in firewalls connected to the internet.

      Now the companies have firewalls between themselves and the internet, but once you get inside that initial firewall internal security is fairly lax.

    6. Re:I call BS. by cellocgw · · Score: 1

      dunno 'bout that... Win 3.1 machines are unlikely to have the toolset necessary for modern viruses to run. Security through obsolescence!

      (yes I'm being sarcastic)

      --
      https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
    7. Re:I call BS. by bobbied · · Score: 1

      I think you read my post wrong.

      My perspective of what the power companies are doing with their data networks pretty much matches what you describe for communications. They do not depend on "Internet" (i.e. public network) connections for their operations and in the rare instance they do, it's likely over encrypted VPN links.

      Your picture of how power dispatch is done is pretty messed up though. There are two aspects to this, power generation and power distribution. Power generation is usually controlled by a pre-arranged plan which is adjusted throughout the day to fine tune capacity to match demand when necessary for economic reasons. Communication of this information can go by all sorts of means, even a phone call, but in reality everybody kind of knows what's going on and in the absence of any distribution problems can tell what they need to do to keep the voltage up and frequency in spec. Beyond the forecast and load schedules the only critical information is if a plant trips off line and another needs to make up the slack, but it's not like we run close enough to the margins that a phone call isn't fast enough.

      Power distribution is what's *really* the risk and where the real problems exist that are difficult to solve. The switch yards are sometimes remote and spread over a large area and getting somebody onsite to do something can take hours. However, luckily the redundancy of the "grid" helps with that problem, making it unnecessary to worry too much about major blackouts. The only time it becomes critical is if the system is degraded, parts are out of service unexpectedly and what's left cannot maintain enough stability to get power from where it's generated to where it's being used. This is the scenario that we should fear, but in almost all cases this really requires multiple failures in diversely located areas that cannot be corrected. This happens rarely, and usually requires multiple human errors that happen to line up with natural causes..

      Truly, we are at greater risk to the *physical* parts of the transmission system than any of this. It's not that hard to take down a transmission line and if you know what you are doing and have a bit of coordination in your attacks, one could do some grave damage. This worries me a lot more than some hacker disrupting dataflow or sending false information to folks.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    8. Re:I call BS. by angel'o'sphere · · Score: 1

      Oh, you read me wrong too then ...

      Your picture of how power dispatch is done is pretty messed up though.
      No it is not ;D

      There are two aspects to this, power generation and power distribution. Power generation is usually controlled by a pre-arranged plan which is adjusted throughout the day to fine tune capacity to match demand when necessary for economic reasons. Communication of this information can go by all sorts of means, even a phone call, but in reality everybody kind of knows what's going on and in the absence of any distribution problems can tell what they need to do to keep the voltage up and frequency in spec.
      That is more or less what I said: information is distributed in whatever means, the dispatchers decide by themselves what makes sense and what not, so we agreed here, even if you did not realize it ;D

      The prearranged plan is not only for generation, it is also for distribution, it is called a "grid schedule".

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    9. Re:I call BS. by bobbied · · Score: 1

      Oh sure, you might bring down a manufacturing plant, maybe two, but you are NOT bringing down the country's electric grid by doing this.

      The electric grid has multiple redundancy and even if you can hack in and touch something, it's not going to do anything of importance to the grid. It's like some vandal with a can of spray paint. You can make a mess, but that's about it.

      Bringing the electric grid down is going to take a pretty complex set of actions for the prospective hacker. They will have to disrupt more than part of the grid, they will have to coordinate their disruptions to happen fast enough that the operators cannot adjust fast enough. Because of this, there will need to be a LOT of surveillance and test work done to find enough unprotected points in the system that have enough influence together to make the grid unstable. Then there will need to be an understanding of how these unprotected points are interconnected and what control each point affords an attacker. Then, there will need to be an attack plan, specifying exactly what points to attack, what to do at each point and when to do it in order to destabilize the grid. Finally, somebody will have to pull all this off. Good luck.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    10. Re:I call BS. by bobbied · · Score: 1

      The prearranged plan is not only for generation, it is also for distribution, it is called a "grid schedule".

      Touche'

      But you'd have to admit that in order to cause the grid to become unstable enough over a large area you are going to need to come up with a multiple point attack. You are going to need to take targeted distribution lines out of service and/or trip some plants off line in some coordinated way that you know will generate some cascade failure that happens in a way the automation cannot save the grid and humans don't have time to react. This is going to be pretty tough to accomplish from a computer screen, given the remote attacker doesn't really *know* what they are messing with in the first place, much less how it's all interconnected to the grid and doesn't likely have any real time monitoring information.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    11. Re:I call BS. by angel'o'sphere · · Score: 0

      There are a lot of scary terms they don't understand, like "rolling equity"

      You are wrong.

      It is pretty easy to take down the whole grid. You only have to attack something the grid can not balance out ...

      If you are interested send me an email ;D I'm not giving free hints to idiots/terrorists ... however I guess if one is interested in that stuff he only needs a short brain storming to figure how to do it.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    12. Re: I call BS. by hrodgmc · · Score: 1

      Don't believe it's secure. The nukes have protection and data diodes, but we have some dumbass cyber engineers. I was formerly in the nuke industry where the senior cyber engineer failed to recognize a phishing email sent out by corporate to weed out the people who were warned not to click everything.

    13. Re:I call BS. by bobbied · · Score: 1

      Not easy under normal circumstances. The grid is designed to be redundant and an attacker is going to need to attack at multiple points to make much of a dent. Yea, a lucky attacker might be able to bring down a small town's grid, but nothing major is going to happen.

      Of course, if the grid is already under stress, and the attacker knows it, then they might be able to push it over the cliff, but there is no real way to know that kind of stuff unless you are hooked in to a lot more places than the electric distribution company is and can react faster than they can.

      I too am trying to stay vague, not that a 2nd year electrical engineering student who is struggling with applying the square root of 2 and 3 properly couldn't figure out how to do it in general. It's not like power distribution systems have changed much since Westinghouse's AC beat Edison's DC back in the day. Yea, we've automated parts of it, but the fundamentals are all the same.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    14. Re:I call BS. by dave562 · · Score: 5, Interesting

      This aligns with the one system that I was involved in setting up. A former client of mine was running (and probably still runs as far as I know) a couple of power plants in Central California. The control systems were built by Honeywell. For a small, single turbine plant there were 5 servers. 2 masters, 2 slaves / reporting servers and 1 witness.

      Both masters, 1 slave and the witness server were on a private network without internet access. 1 slave was in the DMZ with a uni-directional connection from the secondary master that wrote out reporting data. There was a VPN connection (over satellite because the plants were out in the middle of nowhere farm country) back to the company's main office. The VPN connected the company office to the DMZ and the reporting server so that people in the main office could see the output of the plant.

      Nothing in the setup allowed settings to be changed over the internet. Everything within the plant was run on a dedicated IP network that was air gapped from the internet. The only server that was connected to the firewall was the slave / reporting server. It had 2 NICs. So I suppose in fantasy crazy TV land, someone could have hacked the firewall, hopped into the DMZ, compromised the slave and jumped into the control server where they would have been able to... do nothing, because it was the redundant server that would only have been active if the primary failed.

      Keep in mind I set that network up in 2005 for a small, single turbine power plant that generated power by burning green waste (yard trimmings, etc.) I think it is reasonable to assume that 'real' power plants that power thousands of homes and businesses are at least as secure. In my situation, Honeywell told me how to do it. I did not make it up. The vendor had the solution, I was just there to handle the network and VPN.
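
The segmentation described in the post above can be written down as a set of permitted connection initiations and audited for any path from outside the plant network to a control server. This is an added example, not part of the original post or of any vendor's tooling; the host names, the plant-internal flows and the "pull" variant are constructed assumptions used only to show what the audit catches.

```python
from collections import deque

# Constructed host names for the five servers and two outside zones.
PROTECTED = {"master1", "master2", "slave_internal", "witness"}
UNTRUSTED = {"internet", "office"}

# A flow (src, dst) means "src is allowed to initiate a connection to dst".
# Plant-internal flows are assumed; the post does not enumerate them.
PLANT_INTERNAL = {
    ("master1", "master2"), ("master2", "master1"),
    ("master1", "slave_internal"), ("master2", "slave_internal"),
    ("witness", "master1"), ("witness", "master2"),
}

# Policy as the post describes it: the secondary master pushes reporting
# data out to the DMZ server, and the office VPN reaches only the DMZ.
AS_DESCRIBED = PLANT_INTERNAL | {
    ("master2", "reporter_dmz"),
    ("office", "reporter_dmz"),
}

# Assumed weaker variant: the dual-homed DMZ server polls the secondary
# master instead of receiving a one-way push.
PULL_VARIANT = (AS_DESCRIBED - {("master2", "reporter_dmz")}) | {
    ("reporter_dmz", "master2"),
}


def inbound_initiations(flows, protected=PROTECTED):
    """List every flow where a host outside the plant network may open a
    connection to a host inside it. A one-way design should return []."""
    return sorted(
        (src, dst) for src, dst in flows
        if dst in protected and src not in protected
    )


def exposure_paths(flows, untrusted=UNTRUSTED, protected=PROTECTED):
    """Breadth-first search over initiation edges starting from untrusted
    zones. Returns {protected_host: shortest chain of hosts leading to it}."""
    adjacency = {}
    for src, dst in flows:
        adjacency.setdefault(src, []).append(dst)

    found = {}
    seen = set(untrusted)
    queue = deque((zone, (zone,)) for zone in sorted(untrusted))
    while queue:
        node, path = queue.popleft()
        for nxt in sorted(adjacency.get(node, [])):
            if nxt in seen:
                continue
            seen.add(nxt)
            chain = path + (nxt,)
            if nxt in protected:
                found[nxt] = chain
            queue.append((nxt, chain))
    return found


if __name__ == "__main__":
    for name, policy in (("as described", AS_DESCRIBED),
                         ("pull variant", PULL_VARIANT)):
        print(name)
        print("  inbound initiations:", inbound_initiations(policy))
        for host, chain in sorted(exposure_paths(policy).items()):
            print("  exposed:", host, "via", " -> ".join(chain))
```
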

    15. Re:I call BS. by aaarrrgggh · · Score: 1

      I mostly agree with what you are saying, but as a simple example of 3MW diesel gensets, say a paralleled bus of 12x3MW, that happens to be controlled via Ethernet for sync and paralleling. If the switches are not properly secured then you end up with the ability to lockout all the generators. (Sadly, this particular major manufacturer does not have backup sync and start controls.)

      The most common protective relay on the market is another interesting example-- while they are much better in understanding security than most, to secure their systems you need fairly extensive infrastructure which would not be common for less than 20 or so relays.

      Point being it is easy to fuck up with security-- one mistake can destroy a good system.

    16. Re: I call BS. by bobbied · · Score: 3, Interesting

      Now that's an interesting test idea... Send out your own phishing E-mails and see who clicked on them..

      Personally, where I work, all external attachments are removed from any inbound Emails and all attachments from inside are scanned before they are allowed to be sent. Also, all web browsing happens within an isolated virtual machine that is hard coded to only transit corporate's proxy/filters regardless of if you are inside or outside the network. The way you transfer stuff is through an external file transfer server that requires that you login and encrypts the data in transit. It too is able to scan just about everything... Pain in the butt, but effective.

      I'm all for trusting folks to do the right thing and train them what that is, but I'm also for making sure they cannot do anything stupid if there is a reasonable way to prevent it.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    17. Re:I call BS. by Anonymous Coward · · Score: 0

      Give it up dick-bobber. You don't know what the fuck you're talking about.

      -angel

    18. Re: I call BS. by Fnord666 · · Score: 1

      Now that's an interesting test idea... Send out your own phishing E-mails and see who clicked on them..

      Our InfoSec department tried doing that in house. It became quite a game among the programming staff to have the most fun with it. The phishing link went to an internal application that logged the information. The application was totally insecure and hilarity ensued.

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
  5. I wonder by sgrover · · Score: 3, Insightful

    Putting on my skeptical hat here to consider alternate views. One could easily wonder about the "anonymous" nature of this disclosure and how the message is about instilling fear. Who profits? It would be easy to conclude that this is a propaganda release with the aim of softening up the sheeple's perspective to allow for increased budget expenses, or even direct action at the supposed culprits. Blaming a nation-state on flimsy evidence such as what language was used suggests a preconception being reinforced by circumstantial tidbits. After all, there can't ever be anyone else in the world that speaks that language, perhaps even within one of the superpowers known to be fairly multicultural. Or those who hire foreign workers. Yep, a sceptic would be wary of reports like this - even if the infiltration is 100% true.

    1. Re:I wonder by swb · · Score: 4, Interesting

      One of my questions is, if it could be penetrated so deeply, why hasn't the grid been fucked over by someone by now?

      Is it that the "control networks" are less vulnerable than they're made out to be, and that as it turns out a telnet session from someplace isn't enough to actually do any serious sabotage?

      The "hackers" involved lack the know-how and expertise to do anything serious (maybe combined with it being hard to use these networks to do anything serious)?

      $evil_nations are putting this in their back pocket for some later date when they really need it, like when El Presidente Cruz decides to start carpet bombing Iran over nuclear agreement issues or something. This seems compelling, but then again, all security vulnerabilities seem to have something of a shelf-life -- old equipment eventually gets replaced, software ultimately gets updated, networks change, etc -- the hack you thought you have may not be there when you need it, so why wait to hit the button?

    2. Re:I wonder by Anonymous Coward · · Score: 2, Informative

      One of my questions is, if it could be penetrated so deeply, why hasn't the grid been fucked over by someone by now?

      Enron already did.

      Made billions for themselves.

    3. Re:I wonder by bobbied · · Score: 1

      There are a whole lot easier ways to bring down the grid than hack your way in if you can access it physically (IE you have somebody on the ground, or some way to work your mischief.) All it really takes is a little bit of coordination and planning and looking at the power distribution network topology and some 2nd year undergraduate electrical engineering knowledge.

      Why all the cloak and dagger stuff? BECAUSE, it's political.

      That's right, this is about some rumblings I've been hearing about the dangers our electric grid faces. We've been regaled by tales of CMEs, HEMP pulses and now the risk of hacking in an effort to push the "modernization" of the Electric grid because what we have now is old and obviously unsafe. Heck, I heard an NPR news story about this just last week.

      There may be risks with our electric distribution facilities here in North America, but seriously, hackers taking down the grid is pretty low on the list of viable risks here. There are a whole lot bigger fish to fry on this subject, and IMHO this particular fish is a red herring.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    4. Re:I wonder by sgt_doom · · Score: 1

      Thank you! Whenever they declare "anonymous sources" they are usually bullcrap specialists out to do no-good!

    5. Re:I wonder by swb · · Score: 1

      There are a whole lot easier ways to bring down the grid than hack your way in if you can access it physically (IE you have somebody on the ground, or some way to work your mischief.) All it really takes is a little bit of coordination and planning and looking at the power distribution network topology and some 2nd year undergraduate electrical engineering knowledge.

      Yeah, but a remote hack has the potential to break the grid on a scale that makes the effect nation wide. A physical hack on a single substation seems much less likely to have more than a regional impact, and getting a larger impact would require a lot more than just a little bit of coordination and planning.

    6. Re:I wonder by bobbied · · Score: 1

      No remote attack is going to be able to have the same effect, even from a sophisticated enemy state who had the resources to launch one. Trust me, you are going to have to disrupt the system at multiple points in a coordinated way no matter what way you do this and that's a hard task to accomplish when all you have is some IP addresses where you don't really know how they interact or are interconnected. You might be able to disrupt a couple of things, but you won't be able to really do serious damage to the redundant grid if you don't have a very good idea what you are touching.

      And we've not yet had reports of this happening, even with a limited scope. If the hackers are truly capable, one would assume they would be testing this capability, if for nothing else but to feel out how the network is interconnected and what does what. Because it takes multiple failures to bring down a multiple redundant system and in this case, you'd have to know multiple attack points, understand the distribution grid well enough, and coordinate the attack so it happened faster than the humans watching all of this could respond and reconfigure the grid in a way that you cannot counter. Good luck with that.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    7. Re:I wonder by aaarrrgggh · · Score: 1

      Moreover, the remote hack can be designed to impact systems when an externality occurs rather than just causing one at will. That can often have a much larger impact on a target.

    8. Re:I wonder by Anonymous Coward · · Score: 0

      You mean like these guys did in Ukraine?

      http://www.bbc.com/news/world-...

      It's pretty amazing what some well placed thermite can do to a power grid.

    9. Re:I wonder by plover · · Score: 1

      You seem to keep repeating variations on "the attackers don't know enough to make an effective attack." But getting information is one thing that they're actually really good at. Once any black hat breaches a system, the first step is creating a reverse access hole, but the next step in the attack is recon. Figure out what you've gotten into. Find the important servers, like domain controllers, DNS servers, Exchange servers, web servers, etc. Search for documents describing the good stuff; servers, network diagrams, equipment locations, etc. And the larger the company, the more likely there's an internal wiki with helpful links to various document repositories. Wikis are a gold mine to an attacker. Search the average wiki for useful terms like 'password', and with any bad luck you'll find links to spreadsheets with passwords, links to password systems, the occasional default password to access some long-forgotten appliance, password reset procedures, new hire password request procedures and phone numbers, and search engines that index other documents like spreadsheets with passwords, etc. Multiply this by any topic the attacker is interested in, and it won't be long before he's doing real damage.

      You can't rely on attacker ignorance to keep systems safe. They're way better than that.

      --
      John
    10. Re:I wonder by bobbied · · Score: 1

      No, that's not the only thing I'm saying..

      The power grid is largely redundant, built so parts can fail and the whole keeps working. This makes the attacker's job more difficult. You cannot just break into your local substation, push a few buttons and bring down the grid, you have to mount a coordinated attack at multiple points. To be successful, you have to have a good idea what you are doing (a working plan), in addition to having enough access to grid components to carry out your plan.

      So, I'm not saying it's impossible for a sufficiently motivated and equipped adversary to figure out what to do, only that it's beyond the capabilities of some hacker or group of hackers to launch a successful attack over the internet. There simply aren't enough vulnerable points to access critical equipment available for such a thing and if there were, it would be exceedingly hard to catalog and develop working exploits for enough to do any serious damage. In short, somebody's going to have to attack the physical infrastructure PHYSICALLY to pull this off, because whacking away at a remote keyboard won't be enough.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    11. Re:I wonder by plover · · Score: 1

      Remember the Northeast blackout of 2003? A single failure on the grid, starting with incorrect load data during a heavy demand day (aka SCADA reporting failures), which caused a peak load generating plant in Eastlake, Ohio to shut itself down. The lack of power caused higher than allowable demand on Ohio's existing transmission lines, causing some of them to sag into trees where the safety systems automatically shut them down. This larger outage resulted in higher demand, so more sets of lines sagged into more trees, causing more failures. The resultant failures cascaded across the grid, ultimately causing safety systems at as many as 256 generating plants to automatically take themselves offline, and leaving 55 million customers from Detroit to New York without power overnight.

      Even the smallest push in the wrong place at the wrong time could be enough to trigger another cascade of failures. And don't think for a moment that an attacker can't figure out when and where to push - readily available public information is more than enough to draw some logical conclusions.

      --
      John
    12. Re:I wonder by bobbied · · Score: 1

      Knowing where to push and when then becomes the problem for the hacker. Unless you know what the configuration and power flow is right NOW, you are going to be poking around in the dark while the lights stay on everywhere. You might bring parts of the grid down, but not all of it. The blackout you mentioned is about the extent of the damage a determined hacker *might* be able to cause, but they are going to have to understand more about the system and its configuration than the operators do, then have access to the necessary points to initiate the necessary cascading events to bring down the grid. I don't think your average hacker is going to have enough access and enough internal information about control systems, operating conditions and configurations to really do anything.

      Look, it's a fact that there are issues, but even in the event you outline only a fraction of the North American grid was affected. It took nearly 4 hours for the series of events and operator errors to conclude in the final irreversible cascade failure that took 10 min to run its course and leave large parts of 7 states and 1 province without power starting at about 4:15 PM. However, this failure did not cause lasting damage and restoration of electric service went quickly with large parts of the grid restarted and many customers restored before the end of the day, the majority before noon the next day and virtually everybody had their power on within 24 hours with a handful having to wait 48 hours or more. While serious, this event is actually an indication of how resilient the grid actually is.

      This failure could have been avoided had the operators not made mistakes, had FirstEnergy's operators communicated what was happening to the surrounding areas, even by making a phone call sometime during the 4 hours it took for the whole series of events to unfold the problems could have had a drastically reduced geographic impact. But even in the face of a stressed grid, unexpected generation capacity reductions, equipment malfunctions and operator failures, the grid survived 4 hours before a part of it went down just before the scheduled peak load which usually hits at about 6 pm local in the hot summer months. No hack attack could mimic this series of events and bring down the grid even at this limited scale. No hacker has enough information, enough access, or enough insight to bring down the grid from a keyboard connected only to the internet.

      Now if you want to argue that somebody could infiltrate the control rooms or plan physical attacks on infrastructure and bring the grid down, I won't argue with you on that, but no hacker armed with a keyboard and an internet connection is going to be successful in bringing down the grid in any large scale way.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  6. China has the right approach by MikeRT · · Score: 1

    In China, if you cut corners in how you run your business and people die because of it, the government reserves the right to put you up against the wall. Corruption issues with due process there aside, that is probably the only way stuff like this, Deepwater Horizon and other disasters will be prevented. Stop going after the company and go directly after the people that chose to cut corners to "maximize shareholder value." Catch them, try them and execute them.

    1. Re:China has the right approach by Ravaldy · · Score: 2

      Because China is a morale compass for all of us to follow.

    2. Re:China has the right approach by Anonymous Coward · · Score: 0

      How does vengeance solve anything?

    3. Re:China has the right approach by sehlat · · Score: 1

      No. China is not a moral compass. But the approach has virtues even corporatists will appreciate.

      If corporations are truly people, with human rights, they are also subject to demands that they meet human responsibilities, including taking reasonable care for the safety and lives of others (not just corporations, btw).

      "I'll believe corporations are people when Texas executes one."

    4. Re:China has the right approach by Joe_Dragon · · Score: 1

      It will be nice to see a ceo be forced to pay back their bonus and if they do not contempt of court after a few days in jail they will pay it back.

    5. Re:China has the right approach by Anonymous Coward · · Score: 0

      Because China is a morale compass for all of us to follow.

      No. China is not a moral compass.

      It's possible that the original post was intended to be sarcasm, although on the internet it is always hard to tell.

    6. Re:China has the right approach by Tablizer · · Score: 2

      Stop going after the company and go directly after the people that chose to cut corners

      Smart slimebags don't leave a trail. They may give a verbal order over the phone or in person, for example, so that there is no email or document trail.

      Or ignore warnings, and then later claim that they never saw it or didn't understand it when interrogated. They won't explicitly say "no". The worst you can get them on is incompetence or "light" negligence, which is usually not a criminal offense.

    7. Re:China has the right approach by Ravaldy · · Score: 1

      It was intended as sarcasm. :)

      And I learned the hard way that I meant moral, not morale.

    8. Re: China has the right approach by Anonymous Coward · · Score: 0

      Nothing, considering that China is full of corruption and so on.

    9. Re:China has the right approach by cwsumner · · Score: 1

      How does vengeance solve anything?

      Well, it does guarantee that they don't do the same crime again. Which is important.

      The problem is that revenge tends to misfire, and get the wrong person a lot. That's why most police have Investigators on the job.

  7. I thought it said "hecklers"... by Anonymous Coward · · Score: 0

    I could just imagine what it would look like if hecklers broke into power grid control centers and started making fun of the technicians and engineers.

  8. Who's most vulnerable to cyber-attack? by matbury · · Score: 3, Interesting

    The USA has its infrastructure, military, and so much of its business hooked up to and dependent on the internet, you'd think it'd be a priority to make it more secure and stable. Instead, the NSA are doing their best to undermine web security and leave the USA open to attack. What are top secret hacking tools and techniques that only govts. have today are available to corporations and criminal gangs the next and the public/hackers thereafter. We need a more secure, private internet. No backdoors, no unpatched zero-day exploits, no offensive tools to get into the wrong hands, and an end to the cyber-weapons arms race that the USA has started.

    1. Re:Who's most vulnerable to cyber-attack? by Anonymous Coward · · Score: 0

      Watched a special about Rome yesterday on the History Channel. My big lesson learned is that Rome fell when the Barbarians attacked the aqueducts. That caused the city population to not be supportable by the infrastructure. Repeat history, funny that.

    2. Re:Who's most vulnerable to cyber-attack? by Anonymous Coward · · Score: 0

      But that won't work as your average merkin ham planet would feed the rest of the survivors for at least a month each.

    3. Re:Who's most vulnerable to cyber-attack? by wyHunter · · Score: 1

      Draw the conclusion. They want the nation to be attacked and destroyed or at least heavily damaged.

    4. Re:Who's most vulnerable to cyber-attack? by matbury · · Score: 1

      ...or it's a classic case of the scorpion and the frog allegory. The NSA just can't help themselves. It's in their nature.

  9. And I was hacked by Futurama by Anonymous Coward · · Score: 0

    There was a comment about hailing "Hypnotoad" in the code.

    1. Re:And I was hacked by Futurama by davidwr · · Score: 1

      The first rule of Hypnotoad is you don't talk about

      [eyes glaze over]

      Sorry, carry on.

      --
      Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  10. Unplug infrastructure from the internet. by Anonymous Coward · · Score: 0

    Surely this is a case for leased lines if anything at minimum?

    More likely this is just BS to justify screwing with the internet..

  11. Not even trying by WaffleMonster · · Score: 1

    Utilities are like consumer router manufacturers. They don't give a shit about security and they don't even try.

    1. Re:Not even trying by Anonymous Coward · · Score: 0

      The irony is that these companies have FIPS-level tech easily available to them. They just don't want to pay for it unless forced to by the govt.

    2. Re:Not even trying by Anonymous Coward · · Score: 0

      You couldn't be more wrong. I am in that industry and I do care.

  12. Hackers in utility grids: by Anonymous Coward · · Score: 0

    And why is it that the managers and people who make the decisions to expose these systems to the public internet are still working? The systems could not be hacked via the internet if they weren't available. Time to start placing the blame where it actually belongs.

  13. shouldn't be connected to the net, period by Anonymous Coward · · Score: 0

    Whoever connected the power grid to the Grid is a FOOL!

  14. THIS IS THE END!!!!!! by Dr.Dubious+DDQ · · Score: 1, Funny
    !!!

    Do you realize what this means? ISIS could be in your power lines radicalizing your toaster right now and you'd never even know it until your toast started catching fire!

    1. Re:THIS IS THE END!!!!!! by Tablizer · · Score: 1

      If they attacked Comcast, nobody would know the difference.

    2. Re:THIS IS THE END!!!!!! by Sir_Eptishous · · Score: 1

      ISIS could be in your power lines radicalizing your toaster right now and you'd never even know it until your toast started catching fire!

      Too late. My Toaster has already had the microaggression update installed.

      --
      We play the game with the bravery of being out of range
    3. Re:THIS IS THE END!!!!!! by Anonymous Coward · · Score: 0

      ALLAH SNACKBAR!!!!

  15. Alarmist Yellow Journalism Headline by Anonymous Coward · · Score: 0

    What is this clickbait? Isn't the world frazzled enough without headlines such as this?

    1. Re:Alarmist Yellow Journalism Headline by Anonymous Coward · · Score: 0

      Where I live it's not unusual for the power to go out once every other year or so after a big winter storm. One year, we got I think it was 3 feet of snow almost overnight followed by an ice storm. Usually it's power lines downed by falling branches all over the place. I'm pretty close to the main drag in town so my power's nearly always back up by noon the next day, but it was out for four or five days for a lot of my co-workers.

      It was quite the inconvenience for them, but we carried on as always. Keeping buildings warm is the main concern. The generator at work will keep us up and running, but it's not big enough to power the HVAC system.

      As far as (oh noes!) hackers! aaaaaa!, I don't think there's much to worry about. It would be interesting if somebody did actually manage to take down the grid state-wide or even country-wide just to see if there is anything to this supposed threat. Now, my sum total of electrical experience is wiring a new circuit into my house for a treadmill, so I may have no idea what I'm talking about. Wouldn't the grid come back up in a matter of hours given that there's no need for crews to go around re-hanging wires and replacing fallen poles? Is there something I've missed that would make starting the grid back up more difficult than swapping in spare boxes to replace the ones that got pwn3d?

  16. OT: When Texas executes a corporation by davidwr · · Score: 1

    "I'll believe corporations are people when Texas executes one."

    Well, they've "executed" (shut down) more than one school district since the turn of the century. Does that make school districts people?

    Don't worry, the kids and school buildings (and taxing authority) all got merged into a neighboring school district.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  17. Air gaps are your friend. by Virtucon · · Score: 1

    There's no reason to have critical infrastructure attached to the Internet. Also don't allow any "maintenance" via a USB thumb drive.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
    1. Re:Air gaps are your friend. by Anonymous Coward · · Score: 0

      > There's no reason to have critical infrastructure attached to the Internet

      And there's no reason for bodily wastes to be so close to the reproductive systems as to frequently infect both. Wait, I know! We'll just re-route the waste organs to your fingers, so we can be even more clear where such a silly opinion came from.

  18. The front door by stooo · · Score: 1

    >> Hackers Have Infiltrated the US Power Grid's Control Networks
    That's wrong.
    it should read : "Power Grid's Control Networks are very weak security-wise, and everybody can go in on the front door, not only in the US."

    --
    aaaaaaa
  19. "Persian comments"?! how convenient by sittingnut · · Score: 0

    "Circumstantial evidence such as snippets of Persian comments in the code helped investigators conclude that Iran was the source of the attacks."
    if this is true (and is not another false claim to ramp-up rhetoric against iran), it seems these so called "investigators" are easy dupes. that should really worry people as much as hacking itself

  20. sgt_doom speaketh by sgt_doom · · Score: 1

    top experts who spoke only on condition of anonymity due to the sensitive nature of the subject matter. . .

    Why are they anonymous? What are they afraid of? Are they stinking traitor scum?

    We've been hearing this ever since the CIA within the CIA hired top assassins (Jean Souetre, Moise Maschkivitzin, Lazlo the Hungarian and the CIA's own, Lucien Conein) to murder President Kennedy.

    If it is true, then "they" should come forward and declare who they are, otherwise STFU, spineless, cowardly traitor scum!

  21. Air gap by roc97007 · · Score: 1

    Air gap. Learn it, live it, love it.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    1. Re:Air gap by Anonymous Coward · · Score: 0

      As a consultant who assists with builds of SCADA networks and does security for control systems at power plants, every single SCADA network I work on is air gapped. Also, every single place I've worked at has many different vendors and systems in place. No two are the same. So even if they would successfully hack into one plant, replicating that effort to another plant to cause a real grid issue would not be easy. There may be some smaller companies or electrical service outfits that put some of their stuff on IP networks connected to the internet, but plants with 300 megawatt generators do not.

      Oh and I read Ted Koppel's book...pure FUD and full of B.S.

  22. Power company Executives need to be put in Jail. by Lumpy · · Score: 1

    If the SCADA systems are freaking ON THE INTERNET then the executives need to be put in jail and all their family assets taken and treated as terrorists.

    Only the world's most incompetent would put ANY SCADA system on the internet with any access ability. Private point to point networks with encrypted tunneling on those private point to points.

    Oh that is expensive? WAHHHHH. suck it up.

    --
    Do not look at laser with remaining good eye.
  23. News Monster by ThatsNotPudding · · Score: 1

    One interesting find was some of the big windmill turbines with real-time monitoring and everything. People installing this stuff really don't understand what they're doing.

    "WINDMILLS SHOULD NOT WORK THAT WAY!!"

    1. Re:News Monster by RobinH · · Score: 1

      Windmills do have a reasonable payback with government subsidies, so you can get capital to invest, but in most cases the purpose seems to be for someone with lots of money to be able to talk about his windmill farm at the country club, and if that's the case they need to be able to pull up the control panel on their iPhone to show their buddies.

      --
      "I have never let my schooling interfere with my education." - Mark Twain
  24. Micro grids offer resilience by mdsolar · · Score: 1

    A big advantage of decentralization is that mass disruption is hard to pull off. http://www.rmi.org/reinventing...

    1. Re:Micro grids offer resilience by dunkindave · · Score: 1

      A big advantage of decentralization is that mass disruption is hard to pull off. http://www.rmi.org/reinventing...

      And on August 10, 1996, a failure of one high-voltage power line caused a cascade failure that took out power to seven western US states, two Canadian provinces, and parts of Baja California. People think that to have a big effect an attacker would need to take out a lot of points, but a small number of strategic hits, perhaps as small as one, can do a very disproportionate amount of damage.

    2. Re:Micro grids offer resilience by currently_awake · · Score: 1

      One of the drawbacks of maximizing profit is you minimize redundancy.

  25. Re:Power company Executives need to be put in Jail by ScentCone · · Score: 1

    If the SCADA systems are freaking ON THE INTERNET then the executives need to be put in jail and all their family assets taken and treated as terrorists.

    I find your thoughts about the constitution to be very compelling, and would like to subscribe to your newsletter.

    Also, would you agree that people on the no-fly list, no matter how they got on it, should be deprived of their constitutionally protected rights without any sort of due process? I thought you would! Please feature your praise of that scenario in your next newsletter, and be sure I get a copy in my new subscription.

    --
    Don't disappoint your bird dog. Go to the range.
  26. It's why people should move to solar+battery. by Gravis+Zero · · Score: 1

    One thing that is clear is that capitalism is incompatible with computer security*. In lieu of a massive regulatory overhaul that won't happen, we should be switching to independent self-sustainable systems. Therefore, people should switch to using solar panels with battery backup for power because they are both independent and self-sustainable. For those who do not have the space to do so, you will remain at the mercy of the power grid until you get the space.

    * Capitalism is about making money. Making a perfectly secure product is expensive and would be counter-productive when you could just sell new versions of the same thing.

    --
    Anons need not reply. Questions end with a question mark.
  27. Why is it connected to the public internet? by krisyan · · Score: 1

    Am I completely naive in thinking that critical systems like this shouldn't have a link to the public internet? I know it may be expensive to build out your own network, but it seems worth it. I

    1. Re:Why is it connected to the public internet? by cfalcon · · Score: 1

      It's surprising how only governments seem willing to make truly airgapped networks the norm, but I'd imagine SOME utilities do- just not all of them?

    2. Re:Why is it connected to the public internet? by AHuxley · · Score: 1

      To totally get rid of union workers on different sites over a network or state, region, then only have a few computer experts looking over a wider network.
      The idea was sold as a way to remove low and mid level human workers and then just have a smaller count of needed, per law experts to look after huge networks. Different teams could then drive out as needed, when needed.
      The pro part for the shareholders is the reduction in union workers, cost savings and better understanding of faults.
      The down side is parts of the power network are connected to the public internet with well understood consumer grade computer operating systems patched for the working conditions, not network security.
      A rush for past profits reduced the useful, much needed on site human air gap.
      Now the no bid security upgrades can be pushed out after conversations with owners and critical infrastructure experts. Wonderful contracts for a limited number of trusted brands that are allowed to bid :)
      A new rush to fix a rust belt grid.

      --
      Domestic spying is now "Benign Information Gathering"
  28. Don't be surprised by Tablizer · · Score: 1

    The bottom line is that if the US wages war on ANY medium or large country, we should expect infrastructure outages and perhaps sabotage. That's probably the same for all countries. There are surely gaps lurking about ready to be exploited.

    Buy a good book to read when everything electric is out. A month supply of food and water could also come in handy. If you are in a bigger city; and power, traffic signals, trains, truck ignition systems, etc. start goofin' up, it will take a while to get enough basic supplies in.

  29. Funny "morale" vs. "moral"... by tlambert · · Score: 1

    Because China is a morale compass for all of us to follow.

    Funny "morale" vs. "moral"...

    While they are *certainly* a bad *moral* compass, it would certainly improve my *morale* if idiots like this were shot...

    1. Re:Funny "morale" vs. "moral"... by Ravaldy · · Score: 1

      I'm French. I tend to make mistakes like that. Thanks for the correction. Very appreciated.

    2. Re:Funny "morale" vs. "moral"... by tlambert · · Score: 1

      I'm French. I tend to make mistakes like that. Thanks for the correction. Very appreciated.

      Which means you are probably better at cooking with morel than I am... ;^)

  30. Bullshit by Anonymous Coward · · Score: 0

    and the next time it will be Russian comments, or Chinese comments, or whoever is on the current agenda.

  31. Iranian "hackers" in Canada by Anonymous Coward · · Score: 1

    Sure, blame it on the mooselims

    1. Re:Iranian "hackers" in Canada by Anonymous Coward · · Score: 0

      Persians

  32. Worked in the industry, security is crap. by eagee · · Score: 1

    Now, this was four years ago, so it might be a lot better now; but I worked for an RF smart metering firm and their security and authentication was appallingly bad. The problem with the free market and new technology is that the incentive just isn't there to do it right the first time when you can do it wrong and still get sales (and then require the users to buy a replacement product later on). We had some large purchases of our products (think home meters for half the biggest state in the US as one of our larger clients) that were in my mind pretty weakly secured. I'm not surprised to hear they've been infiltrated.

  33. The good news by Anonymous Coward · · Score: 0

    At least the good guys can access the power grid over the Internet because lord knows it was a massive inconvenience driving down to a local power plant or distributor. /s

  34. Predicted by Journalist Ted Koppel by dklann · · Score: 1

    In his recent book "Lights Out" Ted Koppel (of ABC news "Nightline" fame) lays out in pretty good detail how and why he and others believe this is the case. Read it. And consider preparing for it.

    1. Re:Predicted by Journalist Ted Koppel by wyHunter · · Score: 1

      This is slashdot - the antiprepper site.

  35. Load shedding by Anonymous Coward · · Score: 0

    There still is the load shedding control system in use which does not require an internet connection. I'll leave the details out but let's just say that if someone was serious about messing up the grid the hack is trivial.

  36. Re:Power company Executives need to be put in Jail by Anonymous Coward · · Score: 0

    Ahh comments from the "I don't have a fucking clue crowd" I love these.

    Lumpy is technically right. Only complete Drooling morons would ever put a SCADA system on the internet.

    Sadly most companies are in fact run by said drooling morons. It's a requirement to be an executive, I believe there was a federal mandate back in 2004.

  37. Yet more cyber hackers bullshit .. by nickweller · · Score: 1

    There's only one solution: Congress will have to pass a law that makes it mandatory for Homeland Security to bug our household smart meters.

  39. Karma? Re:Karma is a bitch by Anonymous Coward · · Score: 0

    Karma? No... God's punishment of a nation-state who is turning away from Him. Some of the pinnacles of this nation's transgressions are abortion and outright support of homosexuality, which lead to what? Infiltration by foreigners, defeat by enemies, and inevitable captivity of its people. Yes, we Americans are facing these things because this nation has turned away from God. At the very roots of our infrastructure, our systems, we're facing the makings of a punishment that God orchestrates through our enemies. That's how He's always operated.

    Most professing Christians don't understand that Jesus Christ, the God of the Old Testament, has not changed His mode of operations, because in addition to Love, God is judge! As the U.S. stands today, so did the ancient nation of Israel. When they allowed themselves to be led into sin, God allowed sinful kings to become their rulers as national punishment. Then, the nations around them looked down upon them with disdain for their immorality and wickedness, because they, of all nations, were supposed to be a model nation of God! Then, as a nation, they were punished with captivity, which looks inevitable for the U.S. without God's intervention. But will God intervene? Only if there's wide-scale repentance.

    The good news is, even without wide-scale repentance, each of us can individually repent to God the Father in the name of Jesus Christ and will be better off for it. It takes work - Bible Study and prayer and fasting. So work while you have the light!

  40. Meta comment (sort of) by Keith+Henson · · Score: 1

    "that people wouldn't sacrifice for their strongly held beliefs?"

    In an evolutionary context, why would people ever have beliefs strong enough they would die for them? Genes that contribute to such behavior should quickly vanish from the gene pool! But they clearly don't. The key to this is that the suicide bombers (or in times gone by tribal warriors) were not the only ones to carry the "die for the cause" genes. Their children did and if you work out the math, it turns out that genes for getting so wrapped up in a cause as to kill and be killed for it did better under reoccurring situations of ecological crisis than doing nothing. The main reason is that the young women who carried copies of the genes of defeated warriors were taken into the victorious tribe as wives and the warrior's genes marched on. Statistically, the effect was about 37% better survival for genes to get hyped up to kill neighbors--under some circumstances. If you work the model the other way, where circumstances did not favor this behavior, the bias was 45% against. So both the tendency to sacrifice and judging when it was effective were strongly selected over the past few million years.

    It's weird, but it looks like both wars and religions (i.e., strongly held beliefs) are closely related and both stem from young women being booty in past human environment of evolutionary adaptedness.

    --
    End MGM. Get prospective parents of boys to Google: Men do complain