Interesting People mailing list archives
Could W32.Blaster have caused the blackout? NREAD AT OWN RISK :-)
From: Dave Farber <dave () farber net>
Date: Tue, 19 Aug 2003 15:48:43 -0400
Date: Tue, 19 Aug 2003 09:53:56 -0700 From: jm () jmason org (Justin Mason) Subject: Could W32.Blaster have caused the blackout? Sender: jm () jmason org To: dave () farber net Hi Dave -- for IP. There's an article from Heise Security in Germany at [1], which raises some interesting questions about whether W32.Blaster could be to blame for the blackout. Some translated points are at [2] -- quote: ... it becomes a bit more likely if one considers what the authors of that article found out: - The Niagara Mohawk power grid which seemed to got overloaded first is owned by National Grid USA. - National Grid is listed as an important customer of Northern Dynamic who call themselves the "OPC Experts". - OPC is an acronym for OLE for Process Control and is used for communications between control systems. - OPC is based on DCOM, exactly that Windows technology attacked by W32.Blaster. - One symptom of a W32.Blaster attack is that a crashing DCOM service (not only under Windows), often taking down the whole server. One usage of OPC is the coupling of so-called SCADA (Supervisory Control and Data Acquisition) systems. Among other things is SCADA used in power plants and grids to exchange data between some central instance and external measuring units. And for some reason did the monitoring system which should prevent snowball effects like the one on thursday from happening. So the questions the authors of the article have are: - For which processes does National Grid utilise OPC? - Were there any problems regarding OPC when the power went down? - If yes, were they related to W32.Blaster? 1. http://www.heise.de/newsticker/data/ju-15.08.03-001/ 2. http://msquadrat.de/archive/03/08/16/02 --j.
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Could W32.Blaster have caused the blackout? NREAD AT OWN RISK :-) Dave Farber (Aug 19)