[Dshield] Re: power outages all across North Eastern US

Andre Ludwig ALudwig at Calfingroup.com
Thu Aug 14 22:14:18 GMT 2003

I would assume every single SCADA node would need to be patched depending on
the level of services accessible via the Network interface.  From my
understanding most SCADA systems are simply semi stripped nt or win2k boxes
running custom IO/control software.  All remotely administered by a master

I of course am not a SCADA design engineer just a security geek.

And yes speculation is just that speculation. I wouldn't be to surprised if
somehow blaster or some variant found its way into the scada networks of a
few Power companies.  Like you guys said hundreds of times before all it
takes is one laptop.  Maybe a technician plugged into to check status of one
of the valves or control modules of the Mohawk-Niagara grid. And boom the
worm was launched and started to attack the actual scada systems that were
vulnerable (if any). Needless to say this is all conjecture and hear say.
All though plausible lets face it i would hope the people in charge are a
bit smarter then that. But you never know.  My original intent of posting my
reply about possible SCADA attacks was to ferret out anyone who has more
knowledge of the subject then i do.  So if there is anyone like that on this
list please do email me or the list in response. I would love to learn a bit
more about all this. 

Andre Ludwig, CISSP

-----Original Message-----
From: Kenneth Coney [mailto:superc at visuallink.com]
Sent: Thursday, August 14, 2003 2:39 PM
To: list at dshield.org
Subject: [Dshield] Re: power outages all across North Eastern US

Yup.. Lead story on every channel.  If it is our worm, look for more 
problems as the computers that run chillers and back up generators are more 
and more often accessed remotely by technicians using a company supplied 
laptop.  If it is the worm that caused the outage, then while it may have 
been poorly written, it did do a major hit to the infrastructure. 
Someone's head will roll because there was supposedly a specific team 
specializing in protecting power grids on the internet.  Gadzooks, how many 
servers do the power companies own that have to be patched?

[Dshield] power outages all across North Eastern US
"Johannes B. Ullrich" <jullrich at sans.org>
Thu, 14 Aug 2003 15:49:09 -0400
list at dshield.org

This message was converted from multipart/signed to ascii armored
Hash: SHA1

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

There are major power outages all across the
North Eastern US. New York City, Cleveland,

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list