[ISN] Did Hackers Cause the 2003 Northeast Blackout? Umm, No

From: InfoSec News (alerts@private)
Date: Sat May 31 2008 - 01:27:14 PDT


By Kevin Poulsen 
Threat Level
May 29, 2008 

Chinese hackers may have been responsible for the recent power outage in 
Florida, and the widespread blackout that struck the northeastern U.S. 
in 2003, according to a new report in the National Journal that shows 
the intelligence community taking cyberwar hysteria to new and dizzying 

The story, citing computer security professionals, who in turn cite 
unnamed U.S. intelligence officials, says that China's People's 
Liberation Army may have cracked the computers controlling the U.S. 
power grid to trigger the cascading 2003 blackout that cut off 
electricity to 50 million people in eight states and a Canadian 

"Investigators blamed 'overgrown trees' that came into contact with 
strained high-voltage lines near facilities in Ohio owned by FirstEnergy 
Corp.," the story reads. "There has never been an official U.S. 
government assertion of Chinese involvement in the outage, but 
intelligence and other government officials contacted for this story did 
not explicitly rule out a Chinese role. One security analyst in the 
private sector with close ties to the intelligence community said that 
some senior intelligence officials believe that China played a role in 
the 2003 blackout that is still not fully understood."

It's official: Cyberterror is the new yellowcake uranium.

Ever since intelligence chief Michael McConnell decided on 
cyberterrorism as the latest raison d'etre for warrantless NSA 
surveillance, we've seen increasingly brazen falsehoods and unverifiable 
cyberattack stories coming from him and his subordinates, from 
McConnell's bogus claim that cyberattacks cost the U.S. economy $100 
billion a year, to one intelligence official's vague assertion that 
hackers have caused electrical blackouts in unnamed countries overseas.

This time, though, they've attached their tale to the most thoroughly 
investigated power incident in U.S. history.

The official investigation into the February outage in Florida is 
ongoing, so I'll be watching with eager eyes for signs of Chinese 
hackers when the final report comes out. But there's no need to wait to 
evaluate the claim that hackers caused the northeastern blackout of 
2003. The North American Electric Reliability Council spent six months 
investigating the outage.

The detailed 228-page final NERC report found a complex confluence of 
events responsible, but not a single hacker. It traced the root cause of 
the outage to the utility company FirstEnergy's failure to trim back 
trees encroaching on high-voltage power lines in Ohio. When the power 
lines were ensnared by the trees, they tripped.

In fairness, there was a cyber component to the blackout. In 2004, I was 
the first journalist to report on a bug in a GE energy management system 
that resulted in an alarm system failure at FirstEnergy's control room, 
which kept the company from responding to the outage before it could 
spread to other utilities. But the bug -- a subtle race condition -- was 
a poor candidate for a Chinese logic bomb. For one thing, it wasn't just 
at FirstEnergy. It was in a GE product called the XA/21 in use at more 
than 100 utilities across the globe. And it didn't cause the blackout, 
it just hampered the response.

So China would have to have planted the race condition in a product used 
around the world, then, using the most devious malware ever devised, 
arranged for trees to grow up into exactly the right power lines at 
precisely the right time to trigger the cascade.

Or maybe I'm being naive. Maybe there were no trees. Implicit in this 
new cyberterror tale is the suggestion that everybody who investigated 
the 2003 blackout, including FirstEnergy, the Department of Energy, the 
Federal Energy Regulatory Commission, and the civilian North American 
Electric Reliability Council, was part of a massive conspiracy to 
conceal a (pointless) Chinese hack attack from the American people.

Now that we're seeing "overgrown trees" between the same scare quotes 
conspiracy theorists bracket around "lone gunman" and "moon landing," 
the cybarmageddon hawks have squarely set foot in the realm of 9/11 
truthers. I'm waiting for them to blame Chinese hackers for "Hurricane" 
