To guard against ever-present cyber threats from a host of sources, the power industry must harden its control networks and focus on prevention. Like it or not, the power industry is susceptible to a variety of cyber threats, which can wreak havoc on control systems. Management, engineering and IT must commit to a comprehensive approach that encompasses threat prevention, detection and elimination. Consider a few plausible threat scenarios: Cyber-attack scenario 1 - Using "war dialers," simple personal computer programs that dial consecutive phone numbers looking for modems, a hacker finds modems connected to the programmable circuit breakers of the electric power control system, cracks passwords that control access to the circuit breakers, and changes the control settings to cause local power outages and damage equipment. He lowers the settings from, for example, 500 A to 200 A on some circuit breakers, taking those lines out of service and diverting power to neighboring lines. At the same time, he raises the settings on neighboring lines to 900 A, preventing the circuit breakers from tripping and overloading the lines. This causes significant damage to transformers and other critical equipment, resulting in lengthy repair outages.
展开▼