Executive Summary

• The most likely forms of cyber attack the national grid is vulnerable to
• The evidence that shows malicious attacks on the US grid have been attempted multiple times
• The low level of integrity in the current grid's defenses
• A checklist of backup systems at the home level every concerned citizen should work to have in place

If you have not yet read Part 1: The Electrical Grid May Well Be The Next War's Battlefield available free to all readers, please click here to read it first.

Cyber Attacks, Hacking, and Malware

The other main threat we should concern ourselves with centers on the highly automated nature of the electricity grid combined with the human propensity for mischief. As with everything these days, computer-controlled devices are at the heart of the entire electrical generation and distribution system.

Again from the same Peak Prosperity member quoted earlier:

Combine this with the known vulnerabilities of the SCADA [Supervisory Control And Data Acquisition] systems controlling the power grid and you have the recipe for a real coordinated and manufactured disaster.

US researchers have identified 25 zero-day vulnerabilities in industrial control SCADA software from 20 suppliers that are used to control critical infrastructure systems. Attackers could exploit some of these vulnerabilities to gain control of electrical power and water systems, according to Wired.com.

Nine of these potential exploits have so far been reported to the suppliers concerned and the US Department of Homeland Security.

In theory, an intruder could exploit the vulnerabilities simply by breaching the wireless radio network over which the communication passes to the server.

Unlike the "heartbleed" zero-day bug that could be more or less addressed by software server patches, the SCADA systems are hardware boxes sitting out in the field. It's quite possible they are not upgradeable, or they were made by companies no longer in business, or whose programmers no longer support the system any more. "Uh, you want me to come up with a patch for THAT old system? Really? The guy who knew that code retired 10 years ago. I'm not even sure we have the source code anymore – or if it compiles – or if our build system can even compile for that CPU-type.