Blackout caused by W32.Blaster? (was: DIM BULb)

Frank Bergmann fraber at fraber.de
Mon Aug 18 12:30:20 PDT 2003


http://babelfish.altavista.com/babelfish/urltrurl?tt=url&url=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fdata%2Fju-15.08.03-001%2F&lp=de_en

The "OPC" (OLE for Process Control) control network at National Grid USA
is based on a COM/DCOM architecture from Northern Dynamics...

Bests,
Frank

mailto:frank_dot_bergmann at milengo.com, http://www.milengo.com/

---

Thanks to the babelfish/Systran...

http://www.heise.de/newsticker/data/ju-15.08.03-001/

Relationship between Blackout and Windows Worm?

The past attempts at explanation to the surface covering Blackout in the USA and Canada are plentifully incomplete: A thunderbolt is to have paralyzed a power station at the cases of Niagara. In the consequence electricity mains broke down in many Federal States.  

In order to avoid such losses, country-wide the connections of the power stations are steered to electricity mains via a central Grid center. This ensures normally also for the fact that if necessary supply areas are uncoupled fast by the net , in order not to likewise pull the other power stations into the abyss. Here the protective functions failed. In the consequence increased the net load for other power stations, which uncoupled themselves for its part then to the protection from overloading from the net and with it any longer could not supply some regions of the USA. Why the measures did not seize for the avoidance of such total failures, is still unclear. 

With our searches we are encountered the following connections: The failed Niagara power station belongs too national to National Grid USA (http://www.nationalgridus.com/). This power supplier is specified as a reference customer of Northern Dynamics (http://www.opcexperts.com/). This company calls itself as "Home OF the OPC Experts" and offers a set of products, which use OPC for communication with control and control systems. 

OPC stands for Process control "for" OLE for and touches down on Microsofts COM/DCOM model. That is however exactly the technology with the safety hole, which the worm W32.Blaster uses. In a net, in which this worm is active, malfunctioned due to the regular restarts, which observe now final users also concerned with their PCS, DCOM communication and concomitantly OPC on ungepatchten systems. 

OPC is used among other things also for the coupling of so-called SCADA systems (Supervisory control and DATA Acquisition), as they use also power stations. Process data between a center (MTU) are exchanged and one or more measures (RTU). Also being for processes can be adjusted over SCADA systems. 

Since national Grid the USA for a statement was not to be reached, urge itself us the following questions up: 

- for which national does Grid the USA OPC begin exactly? 

- gave it at the time of the power failure of problems with OPC? And if: Do these stand in a connection with the worm W32.Blaster? 

As further reference customers the OPCExperts of Northern Dynamics under other general Electrics, AG, specifies the Siemens the European power station farmer ABB and the European Organization for Nuclear Research (CERN). Thus clarifying need (heise Security) exists also here/( ju /c't) 




> -----Original Message-----
> From: fork-bounces at xent.com [mailto:fork-bounces at xent.com]On Behalf Of
> Adam L Beberg
> Sent: Freitag, 15. August 2003 23:46
> To: eh at mad.scientist.com
> Cc: FoRK at xent.com
> Subject: Re: East Coast Rising
> 
> 
> On Friday, August 15, 2003, at 03:25  PM, Eirikur Hallgrimsson wrote:
> 
> > Maybe I should check out what actually happened.
> 
> My guess, close friends of King George got the system deregulated then 
> raided the hell out of it. And now the taxpayers will get to rebuild 
> it, which of course goes directly into their pockets too, win win!
> 
> But I could be wrong, they may be his old business partners :)
> 
> - Adam L. Beberg - beberg at mithral.com
>    http://www.mithral.com/~beberg/
> 
> _______________________________________________
> FoRK mailing list
> http://xent.com/mailman/listinfo/fork


More information about the FoRK mailing list