18 January 2008
It's scary that this can happen, but it shouldn't surprise anyone. Ten years ago, the National Security Agency conducted an operation known as Eligible Receiver, in which a team of simulated hackers showed that they could shut down the US power grid. Remember how much less use of the Internet there was then — and the system was still vulnerable.
It's tempting to say that the operational networks for the power grid (or the financial system, or the railroads, or what have you) shouldn't be connected to the public Internet. Unfortunately, that's difficult to do, because there are operational needs for interconnection. For example, in some jurisdictions customers can switch among different power generating companies in real-time. But this isn't just a billing artifact, to be resolved later; the total demand load on a given company has to be communicated to it, so they can adjust the performance of their generator. Even without that, there generally needs to be connectivity to internal corporate nets, so that engineers can monitor and adjust system performance.
Many people will respond that that doesn't conflict with the ability to
create separated nets. In theory, that's true. In practice,
maintaining the air gap is very hard. Even the Defense Department
can't always do it; viruses
to classified networks
in the past.
noted a few days ago,
computer security failures can have real-world consequences. This is
yet another example.
As I noted a few days ago, computer security failures can have real-world consequences. This is yet another example.