OMRF-ISG Archives

OMRF's Information Support Group


Options: Use Forum View

Use Monospaced Font
Show HTML Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
1.0 (Apple Message framework v552)
OMRF's Information Support Group <[log in to unmask]>
Todd Walker <[log in to unmask]>
Wed, 20 Aug 2003 12:48:03 -0500
text/plain; charset=US-ASCII; format=flowed
OMRF's Information Support Group <[log in to unmask]>
text/plain (36 lines)

"The Slammer worm penetrated a private computer network at Ohio's
Davis-Besse nuclear power plant in January and disabled a safety
monitoring system for nearly five hours, despite a belief by plant
personnel that the network was protected by a firewall, SecurityFocus
has learned. "

What does this mean?  The power plant, run by Firstenergy Corp., the
same Ohio power company
whose transmission line failures precipitated the blackout last week,
did not adequately do their
Windows security, and they do have Microsoft Windows computers in
critical areas.  Firstenergy
stated last week that their operators failed to notice the power line
outages, but refused to explain
how that happened. In the above article it's implied that Firstenergy's
computer-based monitoring system
was affected the the Slammer worm in January:

"Moreover, the monitoring system, called a Safety Parameter Display
System, had a redundant analog backup that was unaffected by the worm."

They say nothing about the computer-based monitoring system (which
presumably WAS affected).

All of this is consistent with the theory that the Blaster worm (whose
main symptom is a serious slowdown
of the infected Windows computer) infected the computers used to
monitor the transmission lines at Firstenergy
Corp. last week, causing the "alarm to fail" for reasons the company
still refuses to divulge.  The direct
result of the mysterious monitoring failure was the East Coast blackout.