Security experts have been announcing it. Smart grid pundits have been evangelizing it. Modern energy and utility grids are at risk from cyber threats as soon as you connect them to the Internet, and maybe even if they remain largely offline.
A mysterious piece of malware that experts have been analysing for some months now appears to be the ultimate SCADA and grid systems bomb. It's called Stuxnet after the names of some of the mysteriously encrypted files it contains. See more details in this good article on Yahoo!: http://news.yahoo.com/s/csm/20100921/ts_csm/327178
and on SmartGrid News:
http://www.smartgridnews.com/artman/publish/Technologies_Security_News/Stuxnet-Worm-Poses-Real-Threat-to-SCADA-and-Business-as-Usual-2775.html#blogcomments
So far, Stuxnet has infected at least 45,000 industrial control systems around the world, without blowing them up – although some victims in North America have experienced some serious computer problems, Eric Byres, a Canadian expert, told the Monitor. Most of the victim computers, however, are in Iran, Pakistan, India, and Indonesia. Some systems have been hit in Germany, Canada, and the US, too. Once a system is infected, Stuxnet simply sits and waits – checking every five seconds to see if its exact parameters are met on the system. When they are, Stuxnet is programmed to activate a sequence that will cause the industrial process to self-destruct, Langner says.
Langner’s analysis also shows, step by step, what happens after Stuxnet finds its target. Once Stuxnet identifies the critical function running on a programmable logic controller, or PLC, made by Siemens, the giant industrial controls company, the malware takes control. One of the last codes Stuxnet sends is an enigmatic “DEADF007.” Then the fireworks begin, although the precise function being overridden is not known, Langner says. It may be that the maximum safety setting for RPMs on a turbine is overridden, or that lubrication is shut off, or some other vital function shut down. Whatever it is, Stuxnet overrides it, Langner’s analysis shows.
“After the original code [on the PLC] is no longer executed, we can expect that something will blow up soon,” Langner writes in his analysis. “Something big.”
More detailed analysis is available on Langner's website at: http://www.langner.com/en/index.htm
Is this the proof that grid attacks are now part of conventional war tactics? What do you think?
