> Let's separate the topics: > 1. Blackout was caused by wireless and/or msblast worm & > 2. Wireless is in use at generation sites
Good point. > At present, I believe we have little to worry about. (I am at liberty to > change that opinion with new facts, of course :) however, the time to > get the energy industry concerned about the vulnerabilities is now. > Internet connected systems are still sparse. That will change rapidly as > interconnects and protocols mature. I just found a document released by the department of state and white house (http://usinfo.state.gov/topical/global/ecom/02092002.htm), though it mentions SCADA systems and auditing internet connection usage relating to the systems, it does not mention WiFi. Maybe WiFi is encapsulated in that audit or 'internet connections'. Is there any government reg for utilities to start locking down such WiFi access to SCADA and DCS that Frank talks about? > W. Bush called the blackout a wake-up call. I think he really hit the > mark. Bush calls every national event worth speaking over a 'Wake. Up. um um. Call.' =) Cheers, Geoff Shively, CHO PivX Solutions, LLC Are You Secure? http://www.pivx.com ----- Original Message ----- From: "Mike Outmesguine [hiptop]" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, August 15, 2003 7:00 PM Subject: Re: [SOCALWUG] Power outages related to DCOM Worm, WiFi accessible? > Let's separate the topics: > 1. Blackout was caused by wireless and/or msblast worm & > 2. Wireless is in use at generation sites > > The first point, 1. Is just implausible. But I am a skeptic, so I am > personally going to wait until the investigations are complete before > forming a final opinion. > > Point 2 is a great topic to discuss. As Frank said, wireless is another > way into a system. Just as with internet-attached power systems, you > would need to secure the wireless systems. > > At present, I believe we have little to worry about. (I am at liberty to > change that opinion with new facts, of course :) however, the time to > get the energy industry concerned about the vulnerabilities is now. > Internet connected systems are still sparse. That will change rapidly as > interconnects and protocols mature. > > W. Bush called the blackout a wake-up call. I think he really hit the > mark. > > > > On Fri, 15 Aug 2003 6:44PM -0800, Frank Keeney wrote: > > > > I know for a fact that several utilities use WiFi in their networks. > > Some > > for their control systems and others only for back office. Like any > > other > > businesses, wireless has become another perimeter to be assessed and > > protected. > > > > WiFi is not the only vulnerbility. Many utilities use licensed spectrum > > UHF modems for control and monitoring. AFAIK these have no encryption > > and > > limited or no access control. > > > > On Fri, 15 Aug 2003, Geoff Shively wrote: > > > >> Yes, I doubt that a major system was wifi enabled but I had to ask. > > > > Why would you doubt this? Utilities use WiFi. > > > > > > Frank > -- > Mike Outmesguine > TransStellar, Inc. > > ** Complete Technology Services ** > > www.TransStellar.com > [EMAIL PROTECTED] >
