Cyber Attack blows up a Generator

CNN is reporting that the Department of Homeland Security managed to blow up an electrical generator in a simulated cyber attack. It's a vivid demonstration of how the growing dependence on networked control systems links virtual world actions with real world effects.

This shouldn't really surprise anyone. Power grids are already too complex and interconnected to be controlled in any way other than by remote networked systems. Heck, pilots don't really fly jets much anymore - they just use the stick to tell the computer to take the plane in a particular direction. In fact, I doubt planes will even have pilots in 50 years, they'll be just like the automated trams that already haul people around on the ground at airports.

I can currently monitor my home through a web cam, and it won't be long before I have the ability to turn on the lights remotely and crank the air conditioning or heat from the office so things will be nice an comfy when I get home. Someday, I imagine someone could hack my house and do all sorts of annoying things. And if someone were to hack a plane, train, hydroelectric plant, or a nuclear power plant, things could get bad pretty quick.

The experts in the CNN story say that "a lot of the risk has already been taken off the table, " by finding ways to prevent the transformer hacks, but that it could take months to fix them all. That means our power grids are suffering from a classic zero day vulnerability. That is, the powers-that-be have publicly pointed out the flaw and announced fix, but anyone with the motivation has plenty of time to find unprotected systems to attack.

An expert interviewed on CNN claims that shutting down power to 1/3 of the country would have the economic and social devastation comparable to the nation being simultaneously hit by 40-50 major hurricanes.

Will there be an attack? Probably not. On the other hand, this is just one vulnerability. No doubt every networked machine or system, just like every networked computer, will eventually face similar threats.