Staged cyber attack reveals vulnerability in power grid
Loading...
Uploaded by fpzzuuulzgaxd on Sep 27, 2007
http://frgdr.com/blog/
From CNN's Jeanne Meserve
WASHINGTON (CNN) -- Researchers who launched an experimental cyber attack caused a generator to self-destruct, alarming the federal government and electrical industry about what might happen if such an attack were carried out on a larger scale, CNN has learned.
http://edition.cnn.com/2007/US/09/26/power.at.risk/index.html
- 49 likes, 10 dislikes
-
Link to this comment:
Top Comments
All Comments (45)
-
@MajorGoodGuy: You're missing the point - this particular machine DID have a DNS entry and was connected. And, for your information, I build interfaces for these machines for a living, and they DO have computers on the engine. It's called a "Skid Mounted HMI". @Thegodthatdied: Very good question! It shouldn't be directly connected. Some of our clients do, however, and shrug off security because"who would know to contact the genset?" A VPN is good basic precaution.
== John ==
-
@jgwinner He's just spouting bullshit, to hack this type of system would require you to first hack into a computer that is running SCADA software then once you did that you would then have to hijack the software to take control of the PLC and then cause the engine to speed up and overheats and all that bad stuff, the machine does not have a DNS and clearly is not hooked up to the Internet, its an engine, not a computer and theres no such thing as firewall codes, dumb ass. Stop BSing.
-
@bjtaudio That works right up until the first security vulnerability.
-
Normally when you design equipment, the firmware in the hardware it self should never give absolute control to a remote control interface, making it impossible for rouge commands or errors by the user to destroy the equipment.
Secondly mission critical equipment should not be connected to the Internet.
Remember the weakest link in any security system is typically the users, as they are easily tricked using social engineering, man in the middle attacks etc..
-
Why is this even connected to the internet. These kind of machines should be regulated within the factory. You people are making it real easy for skynet. I mean how stupid would a person have to be to connect a nuclear power plant to the virus infected internet. It's like a surgeon putting his hand into a pile of shit before going to the operating table.
2 months ago 2
-
generator abuse!!!!!!
-
How heavy was the generator?
-
Just like terrorism is a way for the government to be above giving anyone they choose a right to a fair trial. an "Internet cyber attack" will give the government full censership rights over the internet. Then they will dumb us down with mainstream news propaganda like TV. The zombies will think its to protect them, just like todays zombies do with Homeland Security already.
4 months ago 5
-
Interesting! These systems should be kept more secure. There servers that control these types of system operations should be ran on a private intranet. They should never have these servers running on the public internet unless its ran through a private virtual network! Power grids also use this same type of monitor/ control system. The same goes for traffic control units.
- 0:20Gas turbine failureby wai2sem1,830,717 views
Featured Video
- 3:52CNN: Cyber Security and the Aurora Vulnerabilityby Wurldtech7,645 views
- 2:43Test Generator Take Load 100% @ CATERPILA Bangnaby piyaweera33,801 views
- 7:42USAF Top Secret TR-3B Aurora Projectby AlienScientist156,938 views
- 3:25Chinese hackers: No site is safeby makindacut60,099 views
- 3:22Hacking the Power Gridby MelihVision7,527 views
- 2:14U.S. POWER GRID ATTACK BY HACKERSby bohol20093,288 views
- 1:16Cyber War - Consequencesby saturn5tony8,559 views
- 9:24MEGA BUILDERS - Building the world's largest co...by bergholdt290,658 views
- 6:31China & Russia Infiltrate US Power Grid-Cyber S...by civildisorder447,594 views
- 4:26Modern Power Gridby NETLMultimedia17,574 views
- 10:16Pt 1/9 CNN's Simulated Cyber Attack War Game "W...by researchris212,984 views
- 4:11Cyber War - The Aurora Projectby saturn5tony21,895 views
- 8:54A Smart Grid for Intelligent Energy Useby IEEETechActivities116,340 views
- 1:42Cyber War on Georgiaby WillyBCoyote7,592 views
- 5:17GLOBAL PULSE: Cyber Attack or Media Hack?by linktv2,639 views
- 5:07U.S Cyber Warfare Coming Soon..............by TruthNewWorldOrder8,461 views
- 2:26Aurora Diesel Standby Generator 20 kVAby auroraron21,661 views
- 8:53"Smart Grid" - Renovation Of Our Obsolete Power...by ZeroEnergyDesign6,283 views
- 2:22The "Aurora" IE Exploit used in Chinese Google ...by 3prefects7,336 views
It's not that hard to hack your way into a synchronizing system of a genset (MPTM multiple parallel to mains system) I monitor some gensets from here (comap or deapsea controllers) and to connect from the internet to these controllers for the first time I didn't even have to consult the manual....
Once youre in, and you know something about synchronizing systems it's all to easy to destroy the engine/generator coupling or the entire engine, so this video doesen't surprise me.
fietspomp1 3 years ago 10
Not true, they hacked this machine with nothing more than knowing the name of the company / DNS name, and the fact that the control systems were connected to the Internet.
No firewall codes were needed.
== John ==
jgwinner 3 years ago 9