2014 November 20 Thursday
US Power Grid Vulnerable To Cyber Attack

Admiral Michael Rogers, head of the US National Security Agency, told Congress that China and possibly a couple of other countries have the ability to take down the US electric power grid in a cyber attack. Lights out disaster novels premised on the collapse of the US power grid usually use an electromagnetic pulse to make it happen. But internet packets might be enough to do it - albeit for a shorter period of time.

Do you ever get the sense that the US government defends us against non-threats and small threats while inviting in or ignoring much bigger threats? Seems that way to me. We have the USAF building the most expensive fighter plane at the slowest rate of development that guarantees old technology by the time the thing finally flies. Hundreds of millions spent while the head of the NSA says our electric power grid could be taken down by a cyber attack. We fight against terrorist groups in the Middle East while Western societies let radical Muslims immigrate.

It isn't just the government that is lame and focused on the wrong stuff. Lots of companies have lame internet security with lots of devices on the net that can be easily penetrated.

Another story came out a few weeks ago about how Russian hackers have put some malware called "Black Energy" into key infrastructure computers and the malware has been in place for a few years. Is this true?

I'm quite prepared to think that utility companies, fuel pipeline companies, and the like are even more lame than Target, Home Depot, JPMorgan Chase, and a long list of other companies who at least discovered hacks. The core competencies required to do internet security seem quite different than the other core competencies needed to run most companies. I do not expect the CEO of a power utility to get computer security..

US companies and other Western companies are bleeding their designs, customer lists, formulas, and processes to Russian, Chinese, and other players who are eager to steal information for profit. Plus, states and even non-state actors are eagerly preparing for cyber warfare by penetrating systems that control key pieces of infrastructure. I;m guessing the non-state actors of a hostile sort (as compared to being of a money-seeking criminal sort) are most likely to carry out real attacks against infrastructure computers. Have they failed to do so due to lack of intellectual resources?

Share |      By Randall Parker at 2014 November 20 08:03 PM 


Comments
Jim said at November 21, 2014 5:57 AM:

What do you know about the potential dangers of Coronal Mass Ejections? Is anything being done to put safeguards in place to protect the US power system?

John Cunningham said at November 21, 2014 4:45 PM:

the net is full of info on CMEs and their potential disastrous effects. just do a bit of googling..nothing is being done.

http://en.wikipedia.org/wiki/Solar_storm_of_1859

John Cunningham said at November 21, 2014 4:46 PM:

the net is full of info on CMEs and their potential disastrous effects. just do a bit of googling..nothing is being done.

http://en.wikipedia.org/wiki/Solar_storm_of_1859

Harald Strongarm said at November 22, 2014 6:07 PM:

What? Not Putin? Unless it is Putin who can take down the grid, I'm not worried. The Chinese are our Best Friends! Only Putin is an Enemy of All Humanity.

Wolf-Dog said at November 22, 2014 8:27 PM:

Recently the US made it clear in no uncertain terms that a devastating cyber attack will be considered an act of war, and that the US can take physical military action against the perpetrators if they are discovered. This means that a foreign government would think twice before a major cyber attack, and that such an attack would be carried out primarily as a prelude to a bigger attack or as the continuation of an ongoing war.

Moreover, only relatively well-funded enemies can be advanced enough to launch fundamentally crippling cyber attacks on the US, and if stateless enemies are funded by a foreign government, the US certainly has powerful forensic cyber investigation capabilities that can determine who supported these stateless cyber terrorists. Thus, once again foreign governments would in principle make sure that the cyber attacks that their proxies launch on the US would not cause fundamentally devastating cyber attacks, unless they have already planned a major war that. Of course, there can be miscalculations that lead to unplanned escalations, but in principle the severity of the cyber attacks perpetrated by foreign governments will depend on their confidence that they can survive full military action against them.


Post a comment
Comments:
Name (not anon or anonymous):
Email Address:
URL:
Remember info?

      
 
Web parapundit.com
Go Read More Posts On ParaPundit
Site Traffic Info
The contents of this site are copyright