NOTES FROM THE FIELD: Did MS Blaster crash the power grid?
- 10 September, 2003 12:35
Between power outages and worm scares, I’ve been too busy to sleep, bathe, or buy food. Apache has eaten everything in the house and is now gnawing old copies of Accidental Empires. That dog can stomach anything.
Pammy called me paranoid when I told her the Big Blackout was caused by the Microsoft Worm, but that’s the hot rumor on BugTraq, Slashdot, and other Net geekfests. The FBI and CERT pooh-pooh the theory, but some aren’t convinced. Many plants on the grid run a Windows-based SCADA (Supervisory Control and Data Acquisition) system that receives remote commands through the same RPC (Remote Procedure Call) protocol exploited by MSBlaster. Among other things, SCADA systems control the amount of energy each plant produces. I talked with one plant insider who says the worm theory is possible but not likely. “It would have to be a major breakdown in the plant’s software protection scheme,” he said. A more likely sabotage scenario? An inside job by a techie ticked off at his employers. So far nobody knows the real cause, but if Oliver Stone is reading this, I’ll sell the movie rights for a Linux notebook and 5 per cent of the gross.
The spy who logged me
One of my sources inserted a CD that came with his Verizon Wireless cell phone, then found his PC had been infected with spyware. His firewall caught a program called noptify.exe trying to contact the site of James Tower, a Minnesota-based marketing company. The site boasts “CD tracking technology” that logs “statistical data on CD-ROM viewership,” though even Verizon Wireless seems mystified about this stuff. I tried to reach James Tower several times without success; it must be too busy watching people read its discs.