01 March 2009
Not such a smart grid
02/03/09 00:26 Filed in: Stimulus
"IOActive, a professional security services firm, has
concluded that with $500 of equipment and materials
and a background in electronics and software
engineering, a hacker could infiltrate the advanced
meter infrastructure and cause a massive manipulation
of service to homes and businesses."
You know, as something of a computer geek, I read a few technical blogs and a have a few techie RSS feeds set up, and so something like this comes up and I'm not surprised. The infrastructure of the internet, even most intranets, is woefully inadequate. I hear about it a chuckle. I shrug it off thinking that if it were anything really sensitive, they'd be extra careful. However, this is nothing to be shrugged off. Obama has pledged to spend something like 11 billion dollars on building a "smarter" energy grid, so it seems like this thing could become a reality. If only 11 billion were anywhere near what it should actually cost.
I'm reminded of a movie, something like diehard 3 I think. This is not something only diehard 3 is guilty of, but its still especially bad in the film. One of the protagonist's cohorts is, predictably, the obligatory hacker. What is surprising about his hacking skills is that he often manages to hack devices not only too fast to be believable, but even hack devices that AREN'T NETWORKED. For instance, he manages to hack traffic signals, but as we all know, when one of those go down, they have to send a guy out there to fix it and it takes hours. Why? because it isn't networked! If it were, then there would be a possibility that all traffic lights might go down at the same time! The more complex you make something the more there is to go wrong I suppose.
In the case of America's power grid, improving it is one of the sagest things Obama has suggested. However, "improving" it with anything less than rock solid security would jeopardize national security in ways only hollywood has ever dreamed of. (Like in Eagle Eye where they hack the power lines to make them explode) Regardless, these changes are needed, however I would put more money into the air force's cyber command before investing in a fancy new networked energy grid. Lest we lose said grid to some asshole who just wants to watch the world burn, and has nothing better to do than infiltrate systems and make some sysAdmins job, and indeed life, miserable.
You know, as something of a computer geek, I read a few technical blogs and a have a few techie RSS feeds set up, and so something like this comes up and I'm not surprised. The infrastructure of the internet, even most intranets, is woefully inadequate. I hear about it a chuckle. I shrug it off thinking that if it were anything really sensitive, they'd be extra careful. However, this is nothing to be shrugged off. Obama has pledged to spend something like 11 billion dollars on building a "smarter" energy grid, so it seems like this thing could become a reality. If only 11 billion were anywhere near what it should actually cost.
I'm reminded of a movie, something like diehard 3 I think. This is not something only diehard 3 is guilty of, but its still especially bad in the film. One of the protagonist's cohorts is, predictably, the obligatory hacker. What is surprising about his hacking skills is that he often manages to hack devices not only too fast to be believable, but even hack devices that AREN'T NETWORKED. For instance, he manages to hack traffic signals, but as we all know, when one of those go down, they have to send a guy out there to fix it and it takes hours. Why? because it isn't networked! If it were, then there would be a possibility that all traffic lights might go down at the same time! The more complex you make something the more there is to go wrong I suppose.
In the case of America's power grid, improving it is one of the sagest things Obama has suggested. However, "improving" it with anything less than rock solid security would jeopardize national security in ways only hollywood has ever dreamed of. (Like in Eagle Eye where they hack the power lines to make them explode) Regardless, these changes are needed, however I would put more money into the air force's cyber command before investing in a fancy new networked energy grid. Lest we lose said grid to some asshole who just wants to watch the world burn, and has nothing better to do than infiltrate systems and make some sysAdmins job, and indeed life, miserable.