An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
HACKERS could shut down US power stations from the comfort of their own homes, says the Department of Homeland Security.
Almost a year ago, the Department released a video showing how cyber criminals could hack into power plants and blow up generators remotely using a technique known as the Aurora Vulnerability.
Government researchers launched an experimental cyber attack causing a generator in Idaho to self-destruct in a cloud of smoke.
Setting aside the fact that the release of the information was an extremely dumb thing to do, apparently little has been done in the intervening months to prevent such a thing happening for real. Members of the House Committee on Homeland Security are now warning that regulatory bodies aren't moving fast enough.
"I think we could search far and wide and not find a more disorganised response to a national security issue of this import," said the chairman of the Subcommittee on Emerging Threats, Cybersecurity and Science and Technology, James Langevin. "Everything about the way this vulnerability was handled … leaves me with little confidence that we're ready or willing to deal with the cyber security threat," he told Forbes.
Langevin blamed the Department of Homeland Security for not providing enough detail on exactly how the attack was made, hampering efforts by the the power industry to take preventative measures. He also pointed the finger at the power companies for working too slowly and the North American Electric Reliability Corporation (NERC), for not doing its job as the regulatory body tasked with providing the nation's power.
NERC gave evidence to the US House of Representatives last October claiming that 75 per cent of the nation's power plants had made some progress in securing systems against cyber attack. But when the subcommittee checked the NERC survey, it discovered that it had only been thrown together a couple of days before the hearing.
"You are not going to sit there and waste my time telling us you're doing the job you're supposed to do," Bill Pascrell, another member of the House subcommittee, said. "Who do you think we are - a bunch of jerks?"
A number of serious security vulnerabilities at the USA's largest power company, Tennessee Valley Authority, were noted including a failure to implement simple security measures such as updating firewall and antivirus software. Much of the company's network had no password protection and provided links to TVA's power generation systems.
Joseph Kelliher, chairman of the Federal Energy Regulatory Committee, said that the industry's emergency response procedures were designed to protect the grid from the threat of tree branches falling on power lines, rather than cyber attacks.
"A process designed to guard against poor vegetation management is not well suited to guard against national security threats," he said.
New legislation is coming into force in 2010 which threatens power companies with fines of up to a million dollars a day for failing to meet security standards.
Digg Topic
Tag topic on On del.icio.us
Technorati Search
Post to Slashdot
