Forwarded from: William Knowles <wk_at_c4i.org>
http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,84042,00.html
By DAN VERTON
AUGUST 14, 2003
Federal and state emergency officials are scrambling to determine
the source of a major power outage that rippled through the northeast
from New York to Canada and as far west as Detroit.
While it is too early to tell exactly what caused the cascading
failure, which hit about 4 p.m. EDT, national security experts said it
was a prime example of how fragile the nation's critical
infrastructures are to both self-inflicted disruptions and deliberate
sabotage.
There were no quick determinations of the source of the failure. New
York City Mayor Michael Bloomberg told reporters late this afternoon
that there was no evidence the failures were related to terrorism.
There were reports, however, of a fire at a Consolidated Edison power
facility in New York -- although Bloomberg dismissed those in a new
conference about 6 p.m. Others speculated that the failure could be
related to the ongoing outbreak of the Blaster worm, which has
disrupting hundreds of thousands of computers world wide since Monday.
The CERT Coordination Center this afternoon said it has seen no
evidence that that is the case.
"The big question is what caused it," said Roger Cressey, former chief
of staff of the President's Critical Infrastructure Protection Board.
"If the fire in the Con Edison facility led to this, then it's a
wonderfully graphic example of how fragile and interdependent our
critical infrastructure is," he said.
Paula Scalingi, the former director of critical infrastructure
protection at the Department of Eenergy, said the failure proves the
nation hasn't prepared for these types of events beyond where it was a
few years back, and said it will likely be a while before the exact
cause is known.
"What customarily happens is that they do an engineering study and
that may take them a while," said Scalingi. "What we do know, however,
is the way that the grid is set up and configured means that certain
failures will have cascading impacts. It's nothing new."
And while research in more adaptive systems is ongoing, Scalingi said
the effort has suffered from lack of focus and a sense of urgency. "We
haven't even begun to get economic, health and safety and other damage
reports."
Joe Weiss an analyst at Kema Consulting in Fairfax, Va., and the
former technical manager of the Enterprise Infrastructure Security
Program at the Electric Power Research Institute in Palo Alto, Calif.,
said the power grid is frail from lack of capacity and because it is
highly interconnected, making such widespread cascading failures
possible.
"The failover systems are there, but the grid is comprised of a lot of
systems that will automatically trip [off] during a failure or
disruption," said Weiss. "We've assumed we have enough cushion in the
system so that you can lose a number of power plants and substations
and still have enough transmission capability to handle the load,"
Weiss said. "But the truth is you may or may not have that cushion."
Weiss also acknowledged that much of the research and development work
for more resilient IT systems for the electric power grid -- called
for last year by the National Research Council (NRC) -- has not
evolved to the extent officials would like.
In that report, "The Role of Science and Technology in Countering
Terrorism," the NRC warned that a regional transmission grid failure
could occur if damage or destruction to important parts of the grid
were followed by a cascading failure of interconnected components.
The report recommended that the Department of Energy work with the
private sector to develop "intelligent and adaptive" electric-power
grid systems.
"Such an intelligent grid would provide the system with the ability to
fail gracefully, minimizing damage to components and enabling more
rapid recovery of power," the report stated. "A key element would be
adaptive islanding, a concept employing fast-acting sensors and
controls to isolate parts of the power system. Operations models and
intelligence would be needed to differentiate between failure of a
single component and the kind of concurrent or closely coupled serial
failures, at several key nodes, that could indicate the onset of a
concerted attack," according to the report.
In an interview last year shortly after the NRC released its report,
Ed Badolato, the former deputy assistant secretary for energy
emergencies at the DOE, said the government's intelligent grid
initiatives should be sped up to allow for a better understanding of
when the nation is being attacked and allow operators to prevent
catastrophic system failure.
Private sector cybersecurity experts have for years also warned of the
vulnerabilities posed by the energy industry's deliberate efforts to
connect Supervisory Control and Data Acquisition (SCADA) systems --
the real-time computers used to manage grid capacity and flow -- to
corporate local area networks as a way of improving statistical
tracking and sales of excess grid capacity.
In a white paper prepared by Alexandria, Va.-based Riptech Inc. in
January 2001, the company detailed how the power industry's demand for
remote access has encouraged many utility firms to establish
connections to SCADA systems. "The security strategy for utility
corporate network infrastructures rarely accounts for the fact that
access to these systems might allow unauthorized access and control of
SCADA systems," the white paper concluded.
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
================================================================
Help C4I.org with a donation: http://www.c4i.org/contribute.html
*==============================================================*
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo_at_attrition.org with 'unsubscribe isn'
in the BODY of the mail.
Received on Aug 15 2003
Intro
