• Pages

  • About us
  • Articles & publications
  • Contact
  • Reading List

• Authors

  • Alex Evans
  • Charlie Edwards
  • Daniel Korski
  • David Steven
  • Elizabeth Sellwood
  • Jules Evans
  • Mark Weston
  • Richard Gowan

• Topics

  • Africa (45)
  • Asia (61)
  • Asia Pacific (11)
  • Cities (27)
  • Climate Change (131)
  • Communication (110)
  • Conflict and security (157)
  • Cooperation and coherence (89)
  • Development (77)
  • Europe (90)
  • Food prices (76)
  • Global economy (97)
  • Influence (138)
  • Leadership (88)
  • Middle East (111)
  • Networks (68)
  • News (184)
  • Off topic (29)
  • Public diplomacy (64)
  • Religion in politics (23)
  • Resilience (80)
  • Russia (2)
  • Scarcity (124)
  • Technology (44)
  • Terrorism (74)
  • UK politics (100)
  • US politics (152)
• 
  

• Archives

  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007

• Reading List

  • 10 Most Amazing Ghost Towns
  • Get Started With WordPress - Webmonkey
  • 11 Powerful Firefox 3 Add-ons That Can Replace Standalone Applications
  • NanoMarkets Predicts Thin-Film Solar Cell Industry Will Produce More than 26 Gigawatts by 2015
  • what twitter would look like after a zombie outbreak
  • Banking on a dollar rally - The Spectator
  • Latest on food export restrictions - NY Times
  • Does anyone know how much oil there is in the world? - By Yves Smith - Slate Magazine
  • Guide to G8 Hokkaido summit 2008 from University of Toronto G8 Center
  • In Defence of Food: The Myth of Nutrition and the Pleasures of Eating

• Links

  • Center on International Cooperation
  • Cooperation Commons
  • Dan Drezner
  • Dani Rodrik
  • Democracy in America
  • Demos
  • ECFR
  • ForeignPolicy.com blog
  • Gideon Rachman
  • Global Guerrillas
  • Institute for the Future
  • Kevin Drum
  • Many to Many
  • Mapping Strategy
  • Network Weaving
  • New Security Beat
  • Our World 2.0
  • Oxfam’s From Poverty to Power
  • Schneier on Security
  • Silobreaker
  • Small Wars Journal
  • The Carpetbagger Report
  • The Interpreter
  • The Politics of Wellbeing
  • The Strategist
  • The Washington Note
  • Worldometers

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

It’s been a long day, so excuse the bad mood. But, really: is it possible to read an article like this without falling further into deep despair?

Ira Winkler has the delightful job title of ‘penetration-testing consultant’. Hired by a US power utility, his task was to see how hard it was to take over their systems.

The answer? Not very.

The power company, it turns out, takes security so seriously that it runs the electricity grid on PCs that can also be used for buying marshmallows, watching teen-on-teen violence, or any of the other joys offered on these here internets (if it took you less than half an hour to read that sentence, then you’re not clicking on the links).

All Ira had to do was to (i) hang around on a few forums and harvest email addresses for people working at the power company; (ii) email the suckers employees and tell them that their benefits were about to be cut and that they needed to click a link RIGHT NOW to find out more; and (iii) use the website to infect, and take control, of their machines. Within minutes, apparently, he had ‘full system control’.

The experiment was shut down as soon as the company realized, in Wikler’s words, that it was ‘royally screwed.’ He notes: ‘The power grid is so poorly maintained that it is easier to attack than most other systems and networks. They hope for the best and make the risk-avoidance excuse if something goes wrong.’

Oh yes, and: ‘The real bad guys already know what I’m saying. There is the potential for serious damage.’

Feeling safer now?

Send this article to:

Hide Sites

Comments