Borepatch doesn’t want to say that the sky is falling, but the power grid has been compromised:
- The Grid is a high-value target to foreign Intelligence Agencies. It’s been said — correctly, IMHO — that while there are friendly foreign governments, there are no friendly foreign Intelligence Agencies.
- The computer systems that run the Grid (called SCADA systems) are based on old technology, and are difficult to patch. This means that it’s quite likely that the computers running the grid are riddled with security holes.
- While these systems are not supposed to be connected to the Internet, the incentive to do so is very, very high. For example, it’s a lot easier to reset something by remotely connecting to it from home than getting up, getting dressed, and driving 20 miles in a storm at 3:00 AM.
- Nobody has accurate maps of precisely what their network looks like. Networks aren’t so much designed as grown, almost organically. The Power Company networks are no exception.
So the grid is a high-value, low-risk target — and it looks like someone has attacked SCADA via USB devices:
As far as I can tell, there’s no reason to compromise a SCADA system other than to take it down. The SCADA system doesn’t contain credit card numbers or other financial data, and I doubt that compromising it is a cost-effective way to steal power for free. The guy who found the SCADA calls, Frank Boldewin, says, “As this Siemens SCADA system is used by many industrial enterprises worldwide, we must assume that the attackers’ intention was industrial espionage or even espionage in the government area”. In fact, though, there are no obvious secrets to steal from a SCADA system — other than the secret of how to bring the system down. So the logical goal of the malware is not so much espionage as sabotage.
Borepatch advises getting a generator and at least a week’s worth of fuel:
Bad things happen when the power goes out for an extended period, and if it were a large scale outage, it could take months to restore things.