View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
April 6, 2004

Software, not blaster, had role in blackout, say officials

A probe into the massive power blackout in the northeast US and Canada last August has concluded that a software failure "significantly contributed to the power outage" but that the Windows worms prevalent on the internet at the time did not.

By CBR Staff Writer

A report published this week by the US Federal Energy Regulatory Commission made the same conclusion as November’s interim report. A combination of system and human failure at energy companies led to the blackout, FERC said.

Speculation at the time was rampant that the Blaster worm was behind the outage. Blaster targeted unpatched Windows systems and was spreading rapidly on August 14 last year, when the outage occurred.

But the FERC probe found no evidence that worms or viruses circulating on the internet at the time of the power outage had an effect on power generation and delivery systems of the companies directly involved in the power outage, the report says.

FERC also said that there was no evidence that malicious actors caused or contributed to the power outage, following reports that the Al Qaeda terrorist group had claimed responsibility for causing the blackout.

However, the report also says: A failure in a software program not linked to malicious activity may have significantly contributed to the power outage. The unnamed vendor has since provided industry with the necessary information and mitigation steps.

FirstEnergy Corp, which takes most of the blame in the report, said last November that it had identified a previously undetected flaw in vendor software that resulted in the loss of an alarm function, affecting our operators’ understanding of events on our system.

Whenever worms have been mentioned in the context of the blackout, the language has always been the same – that they did not have any significant impact on power generation and delivery systems. This has raised eyebrows.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Why the tortured prose? Bruce Schneier, security author and CTO of Counterpane Internet Security Inc, wrote in November. But what about the alarm systems? Clearly they were all affected by something, and all at the same time.

The FERC report does conclude that failures in alarm systems, which could have alerted engineers to emerging issues, were partly to blame for the problem escalating and becoming a cascading failure that affected an estimated 50 million people.

Speculation was fed by news last August that the Davis-Besse power plant in Ohio had certain safety display systems taken out of action for several hours in January 2003 by the Slammer worm, which also exploited a Microsoft vulnerability.

Davis-Besse, an inactive power plant, was infected via a WAN connection to the offices of its corporate parent, FirstEnergy Corp, which in turn had become infected via an unsecured T-1 line put in place by a third-party contractor.

And this week’s report makes it clear that FirstEnergy, which with 4.4 million customers in three eastern states calls itself the US’s fifth-largest power utility, takes most of the blame for the August outage.

This article is based on material originally published by ComputerWire

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.