BC, let me be perfectly clear (to borrow a phrase from the late, great R. M. Nixon): the GAO is jumping to rash conclusions. Yes, it’s true that some not-so-smart people have tied the physical layers of some controllers into the internet at some locations, and yes, that’s a dumb thing to do, and yes, that even opens the theoretical possibility of an attack on these (if you read the article) very small hydro plants. But it takes more than just physical layer connectivity to make an attack realistically possible in practice.
The bigger point is that there most certainly isn’t any large-scale systemic vulnerability. At most, a few tiny turbines could theoretically be tampered with.





