It's even easier than we feared to blind utility substations
By: SGN Staff
Quick Take: Do you remember the stories that used to circulate about building a nuclear bomb from instructions on the Internet? I'm starting to feel that terrorists could bring down the grid by reading stories on the Internet. Every week we get details about another vulnerability.
Here's the latest gambit receiving widespread attention. My advice is to make sure that your security team is aware of it and taking steps to close the gap.- By Jesse Berst
Engineers Adam Crain and Chris Sistrunk recently discovered a major grid vulnerability. Attackers could easily cause a widespread power outage by exploiting a flaw in the SCADA systems utilities use to monitor substations.
The pair eventually managed to break systems from 16 different SCADA vendors using the DNP3 communications protocol. At this point, according to an article in Daily Kos, they notified the U.S. Department of Homeland Security... which didn't bother to issue a formal alert until four months later.