New threat: Hackers look to take over power plants

New threat: Hackers look to take over power plants

By LOLITA C. BALDOR
Associated Press Writer


WASHINGTON (AP) -- Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems.

Cyber criminals have long tried, at times successfully, to break into vital networks and power systems. But last month, experts for the first time discovered a malicious computer code - called a worm - specifically created to take over systems that control the inner workings of industrial plants.

In response to the growing threat, the Department of Homeland Security has begun building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.

As much as 85 percent of the nation's critical infrastructure is owned and operated by private companies, ranging from nuclear and electric power plants to transportation and manufacturing systems. Many of the new attacks have occurred overseas, but the latest episode magnified worries about the security of plants in the U.S.

"This type of malicious code and others we've seen recently are actually attacking the physical components, the devices that open doors, close doors, build cars and open gates," said Sean McGurk, director of control systems security for Homeland Security. "They're not just going after the ones and zeros (of a computer code), they're going after the devices that actually produce or conduct physical processes."

more...

http://hosted.ap.org/dynamic/stories/U/US_CYBER_THREATS_POWER_PLANTS?SITE=CONGRA&SECTION=HOME&TEMPLATE=DEFAULT

If they don't protect their networks from hackers by keeping up and spending a little on new tech now and then, one might suggest some hackers are trying to point out the risks that greed allows.

In any case, the power companies have done a poor job defending against this, despite years of warnings -- including movies featuring such scenarios.

This is technical stuff, so try to keep up ;) Here goes...

Don't connect your freaking power plant controls to any network that has ever had access to the Internet. It's really that simple. Even simpler: don't ever connect your power plant controls to any network for any reason, ever.

Why is it we don't read articles about government officials fearing the accidental launch of an ICBM? Oh, that's right--they haven't put the Red Button controls on the Internet. I smell fear being sold in pursuit of profit.

I've often wondered why they'd put sensitive stuff online. There may be a reason, but on the surface it looks pretty dumb.

The Internet is the fast, cheap, easy way to do it.

They do it because it's the cheapest way to connect any two computes anywhere in the world. Just like when I visit my doctor he can type a few keystrokes on the computer in the examining room and when I walk across the street to the WaMart pharmacy my prescription is waiting for me. There are good reasons having to do with power distribution and grid efficiency for power stations to be online. But it would be much safer for them to communicate via a private network. They don't do that only because it would be more expensive.