Hackers Have Infiltrated the US Power Grid's Control Networks (lasvegassun.com)
davidwr writes: A security researcher and the Associated Press are reporting that hackers have infiltrated many of the United States' power grid networks. "About a dozen times in the last decade, sophisticated foreign hackers have gained enough remote access to control the operations networks that keep the lights on, according to top experts who spoke only on condition of anonymity due to the sensitive nature of the subject matter." Exfiltrated data included engineering plans and other non-public information that could aid an attacker later, as well as account credentials. Multiple companies were affected, but one of the more notable ones was the energy provider Calpine. "Circumstantial evidence such as snippets of Persian comments in the code helped investigators conclude that Iran was the source of the attacks. Calpine didn't know its information had been compromised until it was informed by Cylance, Kerr said."
This isn't too difficult. A couple years ago you could go to Shodan, search for well-known industrial automation equipment providers like Phoenix Contact, and try to find their devices with embedded web servers that someone has connected to the internet. Start clicking on IP addresses. Make sure you don't mess with anything you find. One interesting find was some of the big windmill turbines with real-time monitoring and everything. People installing this stuff really don't understand what they're doing.
"I have never let my schooling interfere with my education." - Mark Twain
One of my questions is, if it could be penetrated so deeply, why hasn't the grid been fucked over by someone by now?
Enron already did.
Made billions for themselves.
You are wrong in every regard and have no clue what the 'internet' is.
given the internet's propensity to not be operational when there are power issues
As long as the power plants run, the IP networks connected to them run. Whether any of the rest of the internet is alive is irrelevant.
Power companies may have exposed some of their automation equipment inadvertently, but in general they totally understand the risks here and are taking steps to be careful.
Yes and no; in general the traffic is simply not routed into the public internet.
But I'd be willing to bet this is behind reasonable levels of encryption, and it doesn't really matter to the safe operation of the system, only the efficient operation of it.
And you would lose that bet.
The internet, at least locally, is not very reliable so the power distributors have their own networks and back channel routes they use to manage their distribution networks.
No idea what you mean by reliable. Yes, they have their own communication lines. They power them themselves and have fallback power. They run them on IP, or TCP/IP, or on proprietary protocols. They are usually connected to the company's WAN, but usually not routed into the public internet.
They are mostly not used to control, but to monitor. Power plants and the connections to transmission grids are run _manually_: like on a carrier where there is a captain, there is a dispatcher at a power plant. However, one dispatcher might control several plants, so he has those under remote control and is steering them with IP protocols.
The machinery that connects a plant to a grid is controlled from the plant side, usually on a manual command given at that side. There is usually no way at all to disconnect a plant remotely from a grid, or to connect it to another one.
The information that at a certain time the plant should change its output or its grid connection might be sent via internet technologies, but the execution is done manually, and trust me: the people doing that usually have enough clue to know whether such an 'order' makes sense (or not).
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.