[ISN] Terrorists Hacking Power Systems

From: InfoSec News (alerts@private)
Date: Sun Mar 02 2008 - 22:03:02 PST


http://cryptome.org/hack-power.htm

http://groups.yahoo.com/group/coldwarcomms/message/12951

To: coldwarcomms@private
From:
Date: Sat, 1 Mar 2008 10:40:46 -0800 (PST)
Subject: [coldwarcomms] Re: Terrorists hacking power systems 
[was RE: Genset from AT&T site

Hello All:

I need to weigh in here. Address a couple points. Sorry this is not so 
much comms related. Somehow I missed "the" video, could someone point me 
to it. [Video]

- I am a Chief Powerplant Operator at a mainstem Columbia River dam, in 
  the northwest. I have worked in hydro powerplants, and high voltage 
  switchyards for 27 years.

All large generators are protected by vsarious protective relay schemes, 
and are well protected. They are protected for manyconditions, such as 
loss of excitation, generator ground, generator differential, phase 
imbalance, negative sequence current, overvoltage, and the list goes on. 
In the old days, these relays were descrete relays for each function, 
but now, they are basically microprocessors, and one box has many 
functions, and the "relays"  as we still call them, have sophisticated 
comms between them, and the control systems.

It would be hard to damage a large generator from hacking into the 
network, but you could certainly casue problems if you go it, such as 
opening the spillway, or shutting down the generators.

- Not all large bulk power generators are the same, steamers turn very 
  fast (3600 RPM) and depending on head of water, and type of turbine, 
  etc, hydro units turn slow (100-400 RPM) so synchronizing these is 
  very different.

I have many seen "bad shots" taken on synchrnizing on different sizes of 
hydro units, with varying results. Anything from, the unit pulled into 
synchronism (slower unit) to the protective relays operating, and 
shutting the down the unit.

I have never heard of a large generator "self-destructing" although 
damage is possible, especially if the protective relays failed, or 
breaker failed. You have to remember, these large generators are made to 
feed huge electrical faults, and the breakers are made to interrupt such 
faults.

For the record, for manual synchronism, we use a synchroscope, which 
looks at the phase angle between the power system "grid" and the 
generator to be synchronized, we can determine if the generator is too 
fast or slow, and when the moment of synchronism occurs, that is when 
you close the breaker.

This happens in a nice controlled operation, no slamming, or banging, if 
it is accomplished correctly. There is a noise that occurs on a shot 
that is not right on, can it can be anything from a thump sound, to a 
heightened buzzing (transformer type hum)  from the stator, I believe 
this is from the slight physical movement of the coils, it quiets down 
after the generator is warmed up.

We also have an automatic synchronizer, it can produce various quality 
of synchronism.

And, yes, even in a hydro plant, we have "pre-heated" diesel generators 
sets, both for the spillway, and for the powerhouse.

- In the Northwest, we have a lot of generation, and in the Southwest, 
  they have a lot of load, the "normal" flow of power is from the North 
  to South, along the west coast, if that tie separates, we in 
  theNorthwest are left with a large excess of generation, and, there is 
  a remedial action scheme, which includes tripping large generators off 
  line, and (I am not kidding) a very large load bank (read giant 
  resistor here) that switches in for just long enough to help brake the 
  system, and then switches out before it over-heats. It is nicknamed 
  the "toaster". So, yes, it exists.

- As far as comms go, I do know our "computer engineers" both for the 
  security system, and the plant control system, and power system 
  control computers, can get in from home, over the public network, and 
  that access is "deeper" that my access running the plant. Not sure of 
  the security but, there is also a modem that can be called over a 
  public phone line, so the manufacturer can get in if needed.

I feel we are lacking on security, and it would be easy to get in if you 
wanted to.

- Plant physical security is better than before 9-11, but it is still 
  horrible, you can "tag in" or follow someone in through a security 
  gate, and we have so many contractors working on site, that anyone 
  could walk in or out, and no one would notice, how could we?

- OK, this is way to long, sorry.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Sun Mar 02 2008 - 22:06:49 PST