August 15th, 2003, 10:31 AM
MSblast caused blackout?
"What if the power plant servers in Niagra Falls were running Windows 2000? Could they have been infected with the msblast worm? "
-A troubleshooter from Nortel Networks
I really don't have much knowledge of power grids or Windows 2000, and I only understand the basic concepts of MSblast, so I don't have any indepth theory on that statement.
I read somewhere you shouldn\'t always believe what you read so what the Hell am I supposed to do?
August 15th, 2003, 10:40 AM
The only thing that I can say about it, is that most (if not all) vital systems (power plants, traffic control, water supply,...) are not linked to the internet in any way. All power plants for example have two totally independent systems. The system responsible for the functioning of the plant never sees the outside (as the outside never sees that system). And I doubt they run 2k, too, actually... I'm pretty sure they use systems you and I have never even heard of... (Powerplant OS 2003...yay)
August 15th, 2003, 10:58 AM
Hehe.. That's what I thought of the 9-1-1 systems until Sapphire infected them last year. That said, reports of what I've heard suggest that it is not a worm (although it did cross my mind). Apparently it's either overuse or a fire at a plant.
In fact, I think it will be a few days before we figure out what caused it.
A little further to that, I just read on Full Disclosure the following:
"Bernie" from Full Disclosure Mailing List
Being an old PLC automation and control hack let me say that there is a very good plausibility that the recent East Coast power outage was due to an attack by an MBlaster variant on the SCADA system at the power plant master terminal, or more likely at several of the remote terminal units "RTU". SCADA runs under Win2000 / XP and the telemetry to the RTU is accessible via TCP/IP / HTTP and the Internet.
August 15th, 2003, 12:26 PM
It was someone at M$ ensuring that the power's down so that it reduces the DOS attack against update cause loads of machines can't power up.
*ARRRGH The M$ Lawyers are after me*
It's a joke, honest, I couln't possible _know_ anything for real!
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
August 15th, 2003, 01:37 PM
steve... i think you've hit on something there.. .. material for the conspiracy theory buffs maybe???
Quis Custodiet Ipsos Custodes