‘How 30 Lines of Code Blew Up a 27-Ton Generator’ – Slashdot


After the U.S. unveiled charges against six members of the Sandworm unit in Russia’s military intelligence agency, Wired re-visited “a secret experiment in 2007 proved that hackers could devastate power grid equipment beyond repair — with a file no bigger than a gif.”

It’s an excerpt from the new book SANDWORM: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, which also remembers the late industrial control systems security pioneer Mike Assante:

Among [Sandworm’s] acts of cyberwar was an unprecedented attack on Ukraine’s power grid in 2016, one that appeared designed to not merely cause a blackout, but to inflict physical damage on electric equipment. And when one cybersecurity researcher named Mike Assante dug into the details of that attack, he recognized a grid-hacking idea invented not by Russian hackers, but by the United States government, and tested a decade earlier…

[S]creens showed live footage from several angles of a massive diesel generator. The machine was the size of a school bus, a mint green, gargantuan mass of steel weighing 27 tons, about as much as an M3 Bradley tank. It sat a mile away from its audience in an electrical substation, producing enough electricity to power a hospital or a navy ship and emitting a steady roar. Waves of heat coming off its surface rippled the horizon in the video feed’s image. Assante and his fellow Idaho National Laboratory researchers had bought the generator for $300,000 from an oil field in Alaska. They’d shipped it thousands of miles to the Idaho test site, an 890-square-mile piece of land where the national lab maintained a sizable power grid for testing purposes, complete with 61 miles of transmission lines and seven electrical substations. Now, if Assante had done his job properly, they were going to destroy it. And the assembled researchers planned to kill that very expensive and resilient piece of machinery not with any physical tool or weapon but with about 140 kilobytes of data, a file smaller than the average cat GIF shared today on Twitter….

Protective relays are designed to function as a safety mechanism to guard against dangerous physical conditions in electric systems. If lines overheat or a generator goes out of sync, it’s those protective relays that detect the anomaly and open a circuit breaker, disconnecting the trouble spot, saving precious hardware, even preventing fires… But what if that protective relay could be paralyzed — or worse, corrupted so that it became the vehicle for an attacker’s payload…?

Black chunks began to fly out of an access panel on the generator, which the researchers had left open to watch its internals. Inside, the black rubber grommet that linked the two halves of the generator’s shaft was tearing itself apart. A few seconds later, the machine shook again as the protective relay code repeated its sabotage cycle, disconnecting the machine and reconnecting it out of sync. This time a cloud of gray smoke began to spill out of the generator, perhaps the result of the rubber debris burning inside it… The engineers had just proven without a doubt that hackers who attacked an electric utility could go beyond a temporary disruption of the victim’s operations: They could damage its most critical equipment beyond repair…

Assante also remembers feeling something weightier in the moments after the Aurora experiment. It was a sense that, like Robert Oppenheimer watching the first atomic bomb test at another U.S. national lab six decades earlier, he was witnessing the birth of something historic and immensely powerful.

“I had a very real pit in my stomach,” Assante says. “It was like a glimpse of the future.”
