PowerSwitch

The national electricity grid is wide open to a devastating cyber attack that could wreak havoc on the economy and make the 2008 financial crisis seem puny by comparison, a leading computer industry guru has told The Independent.

James Martin, who has made a fortune from making predictions about future developments in computers, warned that the only sure way of safeguarding the electricity grid against a coordinated cyber assault is to disconnect it completely from the internet.



http://www.independent.co.uk/life-style ... 85155.html

Very interesting.

You can't do that! What about the staff's human rights to be able to read their emails?

I'd expect to see a collapse of a few public sector systems from virus attack. IT security, like other risk based spending, is harder to protect from cutbacks.

Cyber attacks take money and resources. What would be the benefit and who would want to?

The threat is being over stated as preconditioning propaganda to prepare people for large electricity price rises. I would expect to see similar stories, mainly in the Telegraph and on the BBC, about power failures over the next couple of months. There is backlog of essential maintenance to be carried out. This will provide an opportunity for the companies to cut people off and lable it under investment as preparation for prices rises.

Wasn't this the plot for Die Hard 4?

kenneal wrote:You can't do that! What about the staff's human rights to be able to read their emails?

You could still use the internet for the normal administerative functions of any large business, including email.
I dont believe that the internet should be used for any important control functions, owing to the risk of attack.
We did after all have a national grid before the internet !

Internet MONITORING of remote substations can be usefull, but CONTROL, no way !

All important grid sites should be linked by private dedicated telephone and data lines not interconnected with any public network.
Secondary sites could reasonably use the public telephone and internet system, but only for passing messages or information to a human engineer, not for direct internet control of anything owing to the risk of attack.
Some remote sites use remote telephone control of plant, this is old technology and relatively safe. Anyone attempting misuse would have to know the telephone number, and the access code which are kept secure. They could no doubt be obtained, but all that could be done would be improper control of a small switching center, leading to a one-off local blackout. There would be no question of a general attack and subsequent failure as with an internet based system.
Any general failure of the telephone system simply means that someone has to drive to the site and operate controls manually.

According to this report, the risks are increasing, though it must be said that the source of the report has a vested interest as they sell internet security.
http://www.bbc.co.uk/news/technology-13122339

Cyber attack? What about physical attack?

A dozen crews, in a dozen transit vans, painted/dressed up in National Grid colours and equipped with beefy metal cutting equipment could take out a dozen strategic supergrid pylons around the country in one night. Couple of hundred £k and ~30 suitably motivated volunteers would do it.

Agreed, and arguably more likely.

kenneal wrote:You can't do that! What about the staff's human rights to be able to read their emails?

Should have put a smiley after that, I suppose.

A physical attack would be more likely. A couple of Molotov cocktails on a substation would probably do the trick, but don't tell anyone nasty.

Time to re-visit this old thread, I feel, in view of the growing tensions between Russia and America over alleged internet hacking.
Although these tensions do not DIRECTLY involve the UK, the risk of an attack on the UK national grid are IMHO increasing.
With so little spare generating capacity available, even a small scale attack could have serious consequences.

Seems to be some sort of large-scale cyber attack on the NHS affecting both England and Scotland, causing disruption and cancelled appointments etc.

Expert saying getting into the NHS system may have been accidental after a smaller company could have been targeted.

This seems to be global attack, probably the largest one yet. It targets a known, and patched Microsoft vulnerability... 'cept many people/organisations don't keep their software updated.

Certainly cause for concern, IMHO the risks of a successful cyber attack on the grid is increasing.
It would be well to review ones preparations for power outages, whether caused by cyber attack, physical attack, or of course simply running out of gas to fuel power plants.