GE Fixing Bug in Software After Warning About Power Grid Hacks (reuters.com) 13
General Electric said on Wednesday it is fixing a bug in software used to control the flow of electricity in a utility's power systems after researchers found that hackers could shut down parts of an electric grid. From a report: The vulnerability could enable attackers to gain remote control of GE protection relays, enabling them to "disconnect sectors of the power grid at will," according to an abstract posted late last week on the Black Hat security conference website. Protection relays are circuit breakers that utilities program to open and halt power transmission when dangerous conditions surface.
that will definitely slow down the hackers. all of a whole 10 seconds or so.
That simply isn't ideal anymore. When a critical situation happens, say an earthquake, how long does it take to deploy a person to a breaker unit to manually change its state? They NEED to be networked in today's age to have the level of agility needed to handle a situation.
the ones on lines need some kind of remote so they can send messages and get turn on commands. They also have local control so there can be a lock out / tag out.
While I am sure S&C have issues as well, they are at least conscious about security.
If your asset is attached to the network, literally billions of people could potentially attack it, from anywhere on the world. Not only that, but they can unleash automated attacks upon your asset from other Internet targets they've previously compromised.
If your asset is on its own network, or is non-networked, that cuts down on the number of possible attackers tremendously.
