funsec mailing list archives
GAO: TVA Power Plants Vulnerable to Cyber Attacks
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Wed, 21 May 2008 06:16:01 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via The Washington Post. [snip] The Tennessee Valley Authority (TVA), the nation's largest public power company, is vulnerable to cyber attacks that could sabotage critical systems that provide electricity to more than 8.7 million people, according to a Government Accountability Office report to be released today. The report was requested by a House Homeland Security panel on cyber security, which is expected to hear testimony today from the Federal Energy Regulatory Commission about gaining additional authority to require electric utilities to implement added cyber-security measures. The GAO found that TVA's Internet-connected corporate network was linked with systems used to control power production, and that security weaknesses pervasive in the corporate side could be used by attackers to manipulate or destroy vital control systems. As a wholly owned federal corporation, TVA must meet the same computer security standards that govern computer practices and safeguards at federal agencies. The GAO also warned that computers on TVA's corporate network lacked security software updates and anti-virus protection, and that firewalls and intrusion detection systems on the network were easily bypassed and failed to record suspicious activity. [snip] More: http://www.washingtonpost.com/wp-dyn/content/article/2008/05/20/AR200805200 2354.html Gives you the warm fuzzies, no? - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFIM7u8q1pz9mNUZTMRAp/aAJ4z8JvLBOGTh6OkRj24dik3GNzA4ACgglte CUR+PX0xZ8xhGar0poJZcjU= =LfMn -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- GAO: TVA Power Plants Vulnerable to Cyber Attacks Paul Ferguson (May 20)