More about the Incident at Folsom...

April 23, 2007
Sounds like a story right out of the Old West, doesn't it? But it is really about a significant cyber attack on the Independent System Operator (Cal-ISO) for power in California. Here's the rest of the story I broke originally on April 18th.

A contract technician accused of sabotaging computers at the California Independent System Operator (Cal-ISO) was able to enter the building and high-security inner rooms -- allowed in by electronic card readers and a handprint scanner -- even though his employer had warned days earlier that he should be denied access to the facility, authorities said. Lonnie Charles Denison, a 32-year-old computer specialist, has a "history of mental illness, drug abuse and alcohol issues," a prosecutor said Friday, April 20.

Sunday's incident has raised alarms among state and federal energy regulators. Denison was arrested by the FBI on Wednesday and charged with attempted destruction of an electrical facility. Around midnight Sunday he broke a glass seal and pushed an emergency electricity shut-off button, plunging the Cal-ISO building in Folsom into darkness and crashing computers used to communicate with the power market. The act caused no blackouts but could have disrupted the western U.S. power grid had it happened during hours of peak demand for electricity, such as a summer afternoon.

Early Sunday night, Denison tried and failed to log on to the Cal-ISO computer network. A few hours later, however, he succeeded in gaining physical entry to the building.

Source: From the LA Times...

So, not all cyber attacks are from the Internet, and not all trusted workers are trustworthy. More ammunition, surely, for a methodology which, like the Safety Instrumented System methodology, can be used to rigorously assess risk in cybersecurity situations.

Now imagine that this single, possibly deranged individual is instead a dedicated group of saboteurs. Just suppose they were able to bring down the western US power grid, and keep it down for ten days to a month. What do you suppose the effects of that would be?