US Power Plants Are Easy to HackAdded: Tuesday, November 5th, 2013
Category: Geek Zone > Technology News
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2013, www.extratorrent.cc
According to researchers, there are two dozen security holes that can be used to crash or seize control of facilities’ servers. Power plants across the United States and Canada could overheat, shut down or be caused to malfunction due to security vulnerabilities.
The researchers have found 25 zero-day vulnerabilities in the protocol by which power plants communicate internally. Normally, the security experts don’t take a look at such protocols because they are isolated from the web. Moreover, the specificity of the protocols means they should have a kind of security through obscurity: if not many people know how they work, then nobody is supposed to know how to exploit them.
However, the researchers warn that this is a false comfort. In case somebody tries to breach the control center through the worldwide web, they have to bypass layers of firewalls. However, the hackers could go out to a remote substation with very little physical security and get on the network and take out hundreds of substations potentially. In the meanwhile, they don’t necessarily have to get into the substation either.
So far, the researchers have reported 9 of the potential exploits to the vendor who designed each one, and to the US Department of Homeland Security. They pointed out that most of the flaws allow potential intruders to send controlling servers into infinite loops, thus rendering them unable to respond to commands from controllers. Although it is not like rendering them unable to control the utilities, it could still mean that the operators in charge of sections of the power grid cannot see conditions on the ground.
The industry observers admit that the worst of the security flaws exposed so far enables a potential buffer-overflow attack, whereby code which is stored for one purpose can “overflow” its container, and finally be executed when it shouldn’t be. The security researchers warn that at its most serious, this flaw allows for code to be injected into servers, which could allow hackers to take over the whole system. Maybe this is where US authorities should put their efforts, instead of pursuing file-sharers all over the world.
November 5th,2013Posted by:
Tuesday, November 5th, 2013
|This is what happens when non-tech-savvy people are in charge of major facilities which are getting more and more advanced with technologies.|
US Prison systems are electronically controlled now. Whatever happened to latch and key? The loonies will stay locked in if we lock them up the old school way. If a serious cyber attack takes down the US power grid - oh boy! Look! All of our charming well mannered old friends being let loose to play with us again. Sure, there might be backup batteries or generators to keep the doors closed for a little while longer after a major power outage, but those will eventually expire after just a few days.
Anybody watch that NatGeo movie, "Blackout"? It's almost friggin hilarious how crazy people will go when they lose power. And the doomsday preppers think they have it all figured out, too, with a bunker for safety and generators for extra electricity. They'll be smug about that at first, until it dawns on them... It's all temporary. They'll run out of gas/propane/food/water eventually and have to come out of their holes. Even better, they show us how bunkers are built on TV so we have a pretty good idea how to infiltrate them. Heh. People. Such an entertaining lot.
|posted by (2013-11-05 19:30:00)|
|Power companies communication via their own power lines like in a network. The thing is the article isn't correct that it is that easy to exploit as stated. There is still the need to log onto the system even from a remote substation as well as other security protocols. Anything as claimed and the power plant locks out outside communications and goes to manual in the worst case scenario.. This would imply the main control room at a power plant which is "manned" 24/7 by personnel has to over ridden which it can not..|
Besides allot of people have gone "solar" power for their houses with backup generator included... My PV panels total 4k watts two forklift battery banks at 24v, wind turbine at 1500 watts AND generator.. Actually the power company pays me due to using a grid tie inverter.
Most Popular Stories