blaster worm caused blackout?

[capybara]

it seems the power stations were linked by internet and may have had the
DCOM vulnerability that blaster worm uses.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-08/0218.html
and here is the translation from German
http://babelfish.altavista.com/babelfish/urltrurl?tt=url&url=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fdata%2Fju-15.08.03-001%2F&lp=de_en

 

[DrPizza]

That article still mentioned lightning hitting Niagara Falls... I think they're way off from the truth, or just grasping at straws.

 

[capybara]

quoted from the German article
"......This power supplier is specified as a reference customer of Northern Dynamics. This company calls itself as "Home OF the OPC Experts" and offers a set of products, which use OPC for communication with control and control systems.

OPC stands for Process control "for" OLE for and touches down on Microsofts COM/DCOM model. That is however exactly the technology with the safety hole, which the worm W32.Blaster uses. In a net, in which this worm is active, malfunctioned due to the regular restarts, which observe now final users also concerned with their PCS, DCOM communication and concomitantly OPC on ungepatchten systems. "

clear link between DCOM used by power supplier and DCOM used by the blaster worm.
thats not to say that the blackout didnt start with lightning, or ive heard it was
a fallen tree-limb in ohio. but the failure of many, many safety features
(circuit-breakers) in a chain-reaction across the country seems blaster-worm related.

in other words, lightning or a fallen tree limb could start a local outage.
but our power grid had circuit breakers everywhere!
there had to be something more involved to cause such a large regional outage.

 

[PowerMacG5]

Originally posted by: capybara
quoted from the German article "......This power supplier is specified as a reference customer of Northern Dynamics. This company calls itself as "Home OF the OPC Experts" and offers a set of products, which use OPC for communication with control and control systems. OPC stands for Process control "for" OLE for and touches down on Microsofts COM/DCOM model. That is however exactly the technology with the safety hole, which the worm W32.Blaster uses. In a net, in which this worm is active, malfunctioned due to the regular restarts, which observe now final users also concerned with their PCS, DCOM communication and concomitantly OPC on ungepatchten systems. " clear link between DCOM used by power supplier and DCOM used by the blaster worm. thats not to say that the blackout didnt start with lightning, or ive heard it was a fallen tree-limb in ohio. but the failure of many, many safety features (circuit-breakers) in a chain-reaction across the country seems blaster-worm related. in other words, lightning or a fallen tree limb could start a local outage. but our power grid had circuit breakers everywhere! there had to be something more involved to cause such a large regional outage.

It is all conspiracy theory. Are you going to say that the 1965 and 1977 blackouts were also caused by the LovSAN worm? The blackout was caused because they did not implement the protection for this kind of overload, as they were supposed to. The power grid is is an interdependant system. If all substations are at full load, distributing the power at full capacity, and one grid dies and the breaker blows, then all the fully loaded sub stations try to distribute more power than they have. This causes them all to die because they don't have enough power to distribute.

 

[capybara]

slammer worm at ohio nuclear plant in january:
"The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours, despite a belief by plant personnel that the network was protected by a firewall, SecurityFocus has learned. "
http://www.theregister.co.uk/content/56/32425.html
and a report by North American Electric Reliability Council, written
with cooperation of the NERC (Nuclear Energy Regulatory Commission) :
http://www.esisac.com/publicdocs/SQL_Slammer_2003.pdf

 

[OddTSi]

This all seems like a conspiracy to make Windows look un-safe. Nothing more, nothing less. Fact of the matter is every OS maker finds flaws/bugs in their product (with the size of current OSs its inevitable that it'll be released with a few flaws) and pretty much every OS provider has a patch for that flaw as soon as its discovered, which is usually months before hacker groups learn how to exploit the flaw. Just because an operator of a computer doesn't apply the appropriate patch, isn't the fault of the OS. Same goes for Linux, Unix, Windows, OS X, whatever.