This isn’t a green subject so much but I have seen a report that Russia now has infiltrated the controls of power producers and the electrical grid but they will not likely shut down our power system until they really need to like in a war or in particularly high tensions between us and them. The news report I saw said that Russia likes the position that they’re in now, dangling the ability to shut us down if we’re not nice to them. I’m not a prepper but I did find a deal on a Generac iX2000 new for $350 shipped so I got it and I have it so I can backfeed it into a 20a outside outlet. I shut off the main breaker in case I do need it. Even if nothing ever happens to the grid I live in a rural area that loses power often, or it used to more but the electric company was forced to do more brushing to keep it on and it has been better lately.... since I got the genny lol.
Any thought on Russia’s supposed ability to shut down the grid?
- Thread starter WiscWoody
- Start date
-
Active since 1995, Hearth.com is THE place on the internet for free information and advice about wood stoves, pellet stoves and other energy saving equipment.
We strive to provide opinions, articles, discussions and history related to Hearth Products and in a more general sense, energy issues.
We promote the EFFICIENT, RESPONSIBLE, CLEAN and SAFE use of all fuels, whether renewable or fossil.
And then it runs out of gas. From those pumps that need electricity. At the station you need gas to get to.
The answer is hardening the grid. And one B-1 launching on the site of the hack. Or Kremlin Square.
I am reminded of what the auctioneer said selling a Thomas Air Pack I bought years ago. "Buy this and you will live 30 minutes longer than your neighbors when the big one comes.".
Oh, and by the way. You don't think we have hackers in their systems too? We invented computer hacking.
The answer is hardening the grid. And one B-1 launching on the site of the hack. Or Kremlin Square.
I am reminded of what the auctioneer said selling a Thomas Air Pack I bought years ago. "Buy this and you will live 30 minutes longer than your neighbors when the big one comes.".
Oh, and by the way. You don't think we have hackers in their systems too? We invented computer hacking.
Seasoned Oak
Minister of Fire
The whole Russia thing??? Isn't every country hacking? Including US? We cant start bombing the whole world cuz they hacked.Its like your girlfriend is cheating so you want to beat up every guy who looks at her. Wont solve the problem. We need a better defense. A tamper proof Grid would be a good start. China probably worse then all others combined. On so many levels.
Highbeam
Minister of Fire
What if....
You can waste your life worrying about things you can’t control and can’t prepare for.
You can waste your life worrying about things you can’t control and can’t prepare for.
Lol I said I’m not a prepper but I’m preparing for a outage by keeping a spare 5 gallon can of non- ethanol gas here and refreshing it every six months. And there’s a station here that has a backup generator so if the power goes out that’s my first stop for another ten gallons plus the car and then I’m hitting the grocery store then the liquor store in that order.... oh wait... forget the liquor since I don’t drink any longer...the little genny like I have doesn’t use much gas. If I ran it just at night for 8 hours I bet I could go for a few weeks on 15 gallons of gas. That should be long enough to keep the fridge and freezer happy. I couldn’t run the water well with the small generator but I can do without the well for awhile. Maybe I should just avoid the news for a few months lol...
Last edited:
sportbikerider78
Minister of Fire
If everyone did this then the major news outlets would close shop.
Let's see..in the past 6 months...
Russia hacking
Net nutrality
Korea nukes
Guns
Are we full circle back to Russia again?
Well.. you can secure a network .. it's just really tough
In my shop the work networks are accessed by smart cards. All machines are company provided and have the usb and dvd drives disabled. No one has admin rights except the admins. It keeps the hoi poloi nusiance down to a minimum.
The secure stuff is in a room behind a password and a combo lock. The drives are in a safe with a combo lock.
Now you can't run a utility that way, but you can start thinking what you have to do to keep the stranger from messing with your system. On a more open system, like banking, they do a relatively good job. I believe they do this by limiting what you can do. That might help with the utilities
What google does with the chrome book also might help.. they control the OS,and if you change it, they change it right back.
I think the key here is to get away from cobbling together systems that barely work and start thinking about how to do it securely. IMO, utilities will need help. They are structured to keep critical high power systems working, not nosey posy hackers from playing with the switches. A start might come in the form of regular secure inspections. Chances are the utilities will need help to pass the inspection. This will lead to the formation of trained consultants to make sure they pass the inspections.
It's going to take more than just IT. Remember how we got the malware onto the Iranian centrifuges. There computers were in locked rooms protected by passwords and combos. We just peppered the parking lots with usb drives with the malware. The workers pocketed the usbs, and inserted them into the critical devices
In my shop the work networks are accessed by smart cards. All machines are company provided and have the usb and dvd drives disabled. No one has admin rights except the admins. It keeps the hoi poloi nusiance down to a minimum.
The secure stuff is in a room behind a password and a combo lock. The drives are in a safe with a combo lock.
Now you can't run a utility that way, but you can start thinking what you have to do to keep the stranger from messing with your system. On a more open system, like banking, they do a relatively good job. I believe they do this by limiting what you can do. That might help with the utilities
What google does with the chrome book also might help.. they control the OS,and if you change it, they change it right back.
I think the key here is to get away from cobbling together systems that barely work and start thinking about how to do it securely. IMO, utilities will need help. They are structured to keep critical high power systems working, not nosey posy hackers from playing with the switches. A start might come in the form of regular secure inspections. Chances are the utilities will need help to pass the inspection. This will lead to the formation of trained consultants to make sure they pass the inspections.
It's going to take more than just IT. Remember how we got the malware onto the Iranian centrifuges. There computers were in locked rooms protected by passwords and combos. We just peppered the parking lots with usb drives with the malware. The workers pocketed the usbs, and inserted them into the critical devices
Circus
Feeling the Heat
My $200 gen is needed maybe once every five years. It's stored bone dry and fueled only when needed then promptly emptied. After twenty years it starts and runs perfectly.
Yeah we don’t want to think like Lindsey Graham... he wants to attack everyone all the time it seems... that would be very bad IMO. China has done a lot of industrial espionage I know. Russia has done much of that too. Has anyone ever seen the show when Russia reverse engineered and built a fleet of B-29 bombers, all 1.5 million parts of them exact right down to casting the rudder pedals with the B on them for Boeing and then Khrushchev flew a squad of them over in a military parade while a US President was there? Good show.
Knots
Minister of Fire
"Lights Out" by Ted Koppel is worth a read if you are interested in this...
Seasoned Oak
Minister of Fire
How hard would it be to have 2 separate networks at a utility ,one completely isolated (unplugged)from the internet,restricted access to only high level people, just to run the plant safely. And another connected, but not (if hacked) able to shut the plant down or mess with operations. We invented the internet ,we can certainly figure out how to safeguard it.
Seasoned Oak
Minister of Fire
I would think a good hacking by the US to seriously mess up their stuff would be an appropriate response. I know we have the capability, but if we DONT that's an even bigger problem.
You can start by separating billing and operations. Meter reporting can be one way into billing
I would characterize it more as operations vs business functions. Generally the high level business folks dont have or need a clue on the nitty gritty of operations
Do you remember STUXnet?
That is a VERY interesting 2 hour documentary about hacking Iran's uranium centrifuges and delaying their ability to make fuel.
I work at a trash to energy power plant. Our plant controls are not directly connected to the outside world. But neither was Iran's....
However, say the air compressor technician comes in to do his pm checks. He uses his laptop to download the compressor operating history, copies it onto a thumb drive, then places said thumb drive into a network printer to print off some operating temperature trends to back up his recommendation that it is time to acid clean the cooling water lines to remove scale buildup, etc. All pc's in the plant & entire company are now potentially infected with malware.
That is a VERY interesting 2 hour documentary about hacking Iran's uranium centrifuges and delaying their ability to make fuel.
I work at a trash to energy power plant. Our plant controls are not directly connected to the outside world. But neither was Iran's....
However, say the air compressor technician comes in to do his pm checks. He uses his laptop to download the compressor operating history, copies it onto a thumb drive, then places said thumb drive into a network printer to print off some operating temperature trends to back up his recommendation that it is time to acid clean the cooling water lines to remove scale buildup, etc. All pc's in the plant & entire company are now potentially infected with malware.
I just read a article about the grid and the power companies and like said earlier by George the can deal with storms and squirrels but they aren’t geared up to combat a well coordinated cyber attack. The article said that the government should help the power companies do what they can to secure the networks but I have little faith right now as it seems those on capital hill can’t agree on much at all. Meanwhile Russia has been playing war game like scenarios with out]r grids to see how they would do the attacks and while in the power networks they have been leaving obvious traces of their infiltration as little warning that they’ve been there and they hold the cards now.l
Russia is far from the only bad actor on this stage and right now we aren't exactly making friends in the world. The North Koreans for example have some serious hacking power, so does China. Iran and Pakistan have the potential too.
China is also a big actor here
Don't underestimate the ability of the government to impose rules. In defense work they require a separate security department whose sole job is to make sure things are secure. The approach is layered, people are granted clearance, facilities are secured,IT procedures are put in place, inspections are done by independent auditors.. you get a grade.. and if you fail... you don't get the work
There is nothing like this in the utilities. For a start,you can't stop the work,but you can impose fines.. that'll get their attention. At the limit you can require the sale of assets to a more responsible group with a better track record
Time to start before NYC finds itself without water or power
Don't underestimate the ability of the government to impose rules. In defense work they require a separate security department whose sole job is to make sure things are secure. The approach is layered, people are granted clearance, facilities are secured,IT procedures are put in place, inspections are done by independent auditors.. you get a grade.. and if you fail... you don't get the work
There is nothing like this in the utilities. For a start,you can't stop the work,but you can impose fines.. that'll get their attention. At the limit you can require the sale of assets to a more responsible group with a better track record
Time to start before NYC finds itself without water or power
firefighterjake
Minister of Fire
CaptSpiff
Minister of Fire
Damn it! You're all scratching my conspiracy itch.
You do realize that the majority of NYS and New England electric utilities where sold to large foreign electric utilities back when the EURO was hot compared to the dollar !?!
However, there has been significant tightening up of "process and procedure" in the Electric Utility business, courtesy of the Federal Government, under new NERC-CIP compliance requirements.
Almost like what Georgepds describes.
Yeah... my brother tells me the small utility that runs Bridgeport New Haven area is now owned by a Spanish firm, the old Mass Electric, now National Grid, is owned by a British firm
Do you think security is a priority?..
That's what I was thinking about ownership.. if they can't do a secure job lets get someone who can. But first, to be fair, clear rules and inspection procedures have to be put in place. This is not on the plate of your average PUC
Do you think security is a priority?..
That's what I was thinking about ownership.. if they can't do a secure job lets get someone who can. But first, to be fair, clear rules and inspection procedures have to be put in place. This is not on the plate of your average PUC
drz1050
Minister of Fire
If your power plant allows outside USBs inside the building, you're not secure in the slightest. No personal USB drives are allowed here. If you need one, you can go get one from IT, then bring it back when you're done. Yeah, it's a pain, but effective.
drz1050
Minister of Fire
As far as the grid goes, there's zero reason any plant operations should be able to be controlled remotely. Can't say I'm surprised if they are though.
