[ISN] Northeast, Canada power failure exposes infrastructure frailty

From: InfoSec News (isnat_private)
Date: Fri Aug 15 2003 - 00:58:25 PDT

  • Next message: InfoSec News: "[ISN] Microsoft, Your PC's Security Guard?"

    Forwarded from: William Knowles <wkat_private>
    
    http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,84042,00.html
    
    By DAN VERTON 
    AUGUST 14, 2003
    
    Federal and state emergency officials are scrambling to determine 
    the source of a major power outage that rippled through the northeast 
    from New York to Canada and as far west as Detroit. 
    
    While it is too early to tell exactly what caused the cascading 
    failure, which hit about 4 p.m. EDT, national security experts said it 
    was a prime example of how fragile the nation's critical 
    infrastructures are to both self-inflicted disruptions and deliberate 
    sabotage. 
    
    There were no quick determinations of the source of the failure. New 
    York City Mayor Michael Bloomberg told reporters late this afternoon 
    that there was no evidence the failures were related to terrorism. 
    
    There were reports, however, of a fire at a Consolidated Edison power 
    facility in New York -- although Bloomberg dismissed those in a new 
    conference about 6 p.m. Others speculated that the failure could be 
    related to the ongoing outbreak of the Blaster worm, which has 
    disrupting hundreds of thousands of computers world wide since Monday. 
    The CERT Coordination Center this afternoon said it has seen no 
    evidence that that is the case. 
    
    "The big question is what caused it," said Roger Cressey, former chief 
    of staff of the President's Critical Infrastructure Protection Board. 
    "If the fire in the Con Edison facility led to this, then it's a 
    wonderfully graphic example of how fragile and interdependent our 
    critical infrastructure is," he said. 
    
    Paula Scalingi, the former director of critical infrastructure 
    protection at the Department of Eenergy, said the failure proves the 
    nation hasn't prepared for these types of events beyond where it was a 
    few years back, and said it will likely be a while before the exact 
    cause is known. 
    
    "What customarily happens is that they do an engineering study and 
    that may take them a while," said Scalingi. "What we do know, however, 
    is the way that the grid is set up and configured means that certain 
    failures will have cascading impacts. It's nothing new."
    
    And while research in more adaptive systems is ongoing, Scalingi said 
    the effort has suffered from lack of focus and a sense of urgency. "We 
    haven't even begun to get economic, health and safety and other damage 
    reports." 
    
    Joe Weiss an analyst at Kema Consulting in Fairfax, Va., and the 
    former technical manager of the Enterprise Infrastructure Security 
    Program at the Electric Power Research Institute in Palo Alto, Calif., 
    said the power grid is frail from lack of capacity and because it is 
    highly interconnected, making such widespread cascading failures 
    possible. 
    
    "The failover systems are there, but the grid is comprised of a lot of 
    systems that will automatically trip [off] during a failure or 
    disruption," said Weiss. "We've assumed we have enough cushion in the 
    system so that you can lose a number of power plants and substations 
    and still have enough transmission capability to handle the load," 
    Weiss said. "But the truth is you may or may not have that cushion." 
    
    Weiss also acknowledged that much of the research and development work 
    for more resilient IT systems for the electric power grid -- called 
    for last year by the National Research Council (NRC) -- has not 
    evolved to the extent officials would like. 
    
    In that report, "The Role of Science and Technology in Countering 
    Terrorism," the NRC warned that a regional transmission grid failure 
    could occur if damage or destruction to important parts of the grid 
    were followed by a cascading failure of interconnected components. 
    
    The report recommended that the Department of Energy work with the 
    private sector to develop "intelligent and adaptive" electric-power 
    grid systems. 
    
    "Such an intelligent grid would provide the system with the ability to 
    fail gracefully, minimizing damage to components and enabling more 
    rapid recovery of power," the report stated. "A key element would be 
    adaptive islanding, a concept employing fast-acting sensors and 
    controls to isolate parts of the power system. Operations models and 
    intelligence would be needed to differentiate between failure of a 
    single component and the kind of concurrent or closely coupled serial 
    failures, at several key nodes, that could indicate the onset of a 
    concerted attack," according to the report. 
    
    In an interview last year shortly after the NRC released its report, 
    Ed Badolato, the former deputy assistant secretary for energy 
    emergencies at the DOE, said the government's intelligent grid 
    initiatives should be sped up to allow for a better understanding of 
    when the nation is being attacked and allow operators to prevent 
    catastrophic system failure. 
    
    Private sector cybersecurity experts have for years also warned of the 
    vulnerabilities posed by the energy industry's deliberate efforts to 
    connect Supervisory Control and Data Acquisition (SCADA) systems -- 
    the real-time computers used to manage grid capacity and flow -- to 
    corporate local area networks as a way of improving statistical 
    tracking and sales of excess grid capacity. 
    
    In a white paper prepared by Alexandria, Va.-based Riptech Inc. in 
    January 2001, the company detailed how the power industry's demand for 
    remote access has encouraged many utility firms to establish 
    connections to SCADA systems. "The security strategy for utility 
    corporate network infrastructures rarely accounts for the fact that 
    access to these systems might allow unauthorized access and control of 
    SCADA systems," the white paper concluded. 
    
    
     
    *==============================================================*
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    ----------------------------------------------------------------
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ================================================================
    Help C4I.org with a donation: http://www.c4i.org/contribute.html
    *==============================================================*
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Aug 15 2003 - 04:33:42 PDT