[ISN] No Chinese Hackers Found in Florida Outage Either

From: InfoSec News (alerts@private)
Date: Wed Jun 11 2008 - 01:02:30 PDT

Previous message: InfoSec News: "[ISN] U. theft threatens patients' privacy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://blog.wired.com/27bstroke6/2008/06/no-chinese-hack.html

By Kevin Poulsen 
Threat Level
Wired.com
June 10, 2008

A recent report from the National Journal cited [1] computer security 
executives and U.S. intelligence officials blaming Chinese government 
hackers for two major U.S. power outages. We already debunked [2]the 
claim with respect to the massive 2003 northeast blackout.  Now the 
Florida Reliability Coordinating Council has released its preliminary 
report [3] (.pdf) on the February 26th 2008 Florida outage, and -- no 
surprise -- human error, not cyber terrorism, is to blame.

    Although the initiating cause of the event is still under review by 
    the Field Personnel Actions Review Team (FPART), a sub-team of the 
    FEAT, the preliminary cause is currently linked to the disabling, by 
    a relay field engineer, of all local protective relay equipment 
    while troubleshooting an associated 138 kV switch. The FRCC Handbook 
    requires that .each system operator shall notify the FRCC Security 
    Coordinator when a protective relay or equipment failure that 
    reduces system reliability occurs.. Although the FEAT has not come 
    to any conclusions regarding this part of the analysis, the nature 
    of this procedure and its importance warrants that it be reaffirmed 
    by the FRCC OC to ensure that FRCC system operators and relay field 
    personnel understand the intent and importance of the procedure when 
    performing maintenance on FRCC bulk power system elements.

The organization has released six recommendations to prevent a 
recurrence of the fault. None of them include letting the NSA monitor 
[4] all U.S. web traffic.

[1] http://www.nationaljournal.com/njmagazine/cs_20080531_6948.php
[2] http://blog.wired.com/27bstroke6/2008/05/did-hackers-cau.html
[3] https://www.frcc.com/Reliability/Shared%20Documents/FEAT%20Interim%20Report.pdf
[4] http://blog.wired.com/27bstroke6/2008/01/feds-must-exami.html


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

Previous message: InfoSec News: "[ISN] U. theft threatens patients' privacy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Jun 11 2008 - 01:10:50 PDT