Pwning the Power Grid

It's been common knowledge in the security arena for some time that our power grids have been vulnerable to attack. This article definitively proves it. The reason these SCADA systems have become so vulnerable is because they were not originally designed to be networked to the internet. If you are networked to a machine that is connected to the internet through a gateway, then you are also accessable from the internet. The number one culprit in this attack, as in most others, was a social engineering attack. Well, that, and vulnerable software that hadn't been upgraded. Specifically, a phishing email was sent that directed employees of the power company to a website that exploited a vulnerability to install some malware on their machine. From that point, the pen testers had full access to SCADA. "We had to shut down within hours," Winkler says, "because it was working too well. We more than proved that they were royally screwed."

We might be royally screwed if we don't pay attention to this, and some Islamic extremists exploit the vulnerability. This brings up a good point however, the penetration testers' highlighting of the problem is very important. Note, that it does not alert terrorists to the fact that they can do this; you can be sure they have thought about it. What this does is get the rest of us aware of our vulnerability so we can start to take steps to correct the situation.

1) Train employees to not open up bogus emails, or at least check the headers to see if it was actually sent from where it claims it is from, and also check out any url for links before clicking them. Just be suspicious (paranoid) and smart.

2) It might also help to disallow Javascript, java applets, or other forms of client side browser controllers. They could have used an exploit in flash or some other browser plugin. That information is not included in the article, probably for safety reasons.

3) Make sure software is up-to-date on security patches.