By Kevin Poulsen
May 29, 2008

Chinese hackers may have been responsible for the recent power outage in
Florida, and the widespread blackout that struck the northeastern U.S.
in 2003, according to a new report in the National Journal that shows
the intelligence community taking cyberwar hysteria to new and dizzying

The story, citing computer security professionals, who in turn cite
unnamed U.S. intelligence officials, says that China's People's
Liberation Army may have cracked the computers controlling the U.S.
power grid to trigger the cascading 2003 blackout that cut off
electricity to 50 million people in eight states and a Canadian

"Investigators blamed 'overgrown trees' that came into contact with
strained high-voltage lines near facilities in Ohio owned by FirstEnergy
Corp.," the story reads. "There has never been an official U.S.
government assertion of Chinese involvement in the outage, but
intelligence and other government officials contacted for this story did
not explicitly rule out a Chinese role. One security analyst in the
private sector with close ties to the intelligence community said that
some senior intelligence officials believe that China played a role in
the 2003 blackout that is still not fully understood."

It's official: Cyberterror is the new yellowcake uranium.

Ever since intelligence chief Michael McConnell decided on
cyberterrorism as the latest raison d'etre for warrantless NSA
surveillance, we've seen increasingly brazen falsehoods and unverifiable
cyberattack stories coming from him and his subordinates, from
McConnell's bogus claim that cyberattacks cost the U.S. economy $100
billion a year, to one intelligence official's vague assertion that
hackers have caused electrical blackouts in unnamed countries overseas.
This time, though, they've attached their tale to the most thoroughly
investigated power incident in U.S. history.

The official investigation into the February outage in Florida is
ongoing, so I'll be watching with eager eyes for signs of Chinese
hackers when the final report comes out. But there's no need to wait to
evaluate the claim that hackers caused the northeastern blackout of
2003. The North American Electric Reliability Council spent six months
investigating the outage.

The detailed 228-page final NERC report found a complex confluence of
events responsible, but not a single hacker. It traced the root cause of
the outage to the utility company FirstEnergy's failure to trim back
trees encroaching on high-voltage power lines in Ohio. When the power
lines were ensnared by the trees, they tripped.

In fairness, there was a cyber component to the blackout. In 2004, I was
the first journalist to report on a bug in a GE energy management system
that resulted in an alarm system failure at FirstEnergy's control room,
which kept the company from responding to the outage before it could
spread to other utilities. But the bug -- a subtle race condition -- was
a poor candidate for a Chinese logic bomb. For one thing, it wasn't just
at FirstEnergy. It was in a GE product called the XA/21 in use at more
than 100 utilities across the globe. And it didn't cause the blackout,
it just hampered the response.

So China would have to have planted the race condition in a product used
around the world, then, using the most devious malware ever devised,
arranged for trees to grow up into exactly the right power lines at
precisely the right time to trigger the cascade.

Or maybe I'm being naive. Maybe there were no trees. Implicit in this
new cyberterror tale is the suggestion that everybody who investigated
the 2003 blackout, including FirstEnergy, the Department of Energy, the
Federal Energy Regulatory Commission, and the civilian North American
Electric Reliability Council, was part of a massive conspiracy to
conceal a (pointless) Chinese hack attack from the American people.

Now that we're seeing "overgrown trees" between the same scare quotes
conspiracy theorists bracket around "lone gunman" and "moon landing,"
the cybarmageddon hawks have squarely set foot in the realm of 9/11
truthers. I'm waiting for them to blame Chinese hackers for "Hurricane"