Ted Koppel Writes Entire Book About How Hackers Will Take Down Our Electric Grid… And Never Spoke To Any Experts

from the fudmongering dept

Famous TV news talking head Ted Koppel recently came out with a new book called Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath. The premise, as you may have guessed, is that we’re facing a huge risk that “cyberattackers” are going to take down the electric grid, and will be able to take it down for many weeks or months, and the US government isn’t remotely prepared for it. Here’s how Amazon describes the book:

Investigative reporting that reads like fiction – or maybe I just wish it was fiction. In Lights Out, Ted Koppel flashes his journalism chops to introduce us to a frightening scenario, where hackers have tapped into and destroyed the United States power grids, leaving Americans crippled. Koppel outlines the many ways our government and response teams are far from prepared for an un-natural disaster that won’t just last days or weeks – but months – and also shows us how a growing number of individuals have taken it upon themselves to prepare. Whether you pick up this book to escape into a good story, or for a potentially potent look into the future, you will not be disappointed.

The book also has quotes (“blurbs” as they’re called) from lots of famous people — nearly all of whom are also famous TV news talking heads or DC insiders who have a long history of hyping up “cyber” threats. But what’s not on the list? Anyone with any actual knowledge or experience in actual computer security, especially as it pertains to electric grids.

Want to know how useful the book actually is? All you really need to read is the following question and answer from an interview Koppel did with CSO Online:

Did you interview penetration testers who have experience in the electric generation/transmission sector for this book?

No, I did not.

Also in that interview, Koppel admits that he hasn’t heard anything from actual information security professionals (though he admits he may have missed it since he’s been on the book tour). But, still, if you’re writing an entire book with a premise based entirely on information security practices, you’d think that this would be the kind of thing you’d do before you write the book, rather than after it’s been published. Instead, it appears that Koppel just spoke to DC insiders who have a rather long history of totally overhyping “cyberthreats” — often for their own profits. In another interview, Koppel insists that he didn’t want to be spreading rumors — but doesn’t explain why he didn’t actually speak to any technical experts.

?Going in, what I really wanted to do was make sure I wasn?t just spreading nasty rumors,? said Koppel in a phone interview…. ?After talking to all these people, I satisfied my own curiosity that this not just a likelihood but almost inevitable.?

“All these people”… who apparently did not include any computer security experts. Koppel claims that this isn’t a priority because Homeland Security doesn’t want to “worry” the American public:

?The public would have to understand it?s a plan that will work but if you don?t have a plan, that can be more worrisome. I just hope it becomes part of the national conversation during the presidential campaign.?

What?!? Homeland Security doesn’t want to worry the American public? Which Homeland Security is he talking about? The one that manhandles the American public every time they go to an airport? The same one that is constantly fearmongering about “cyber attacks” and “cyber Pearl Harbor”? Is Koppel living in some sort of alternative universe?

Is there a chance that hackers could take down electric grids and it would cause serious problems? Sure. Anything’s possible, but somehow we’ve gotten along without a single incident ever of hackers taking down any part of the electrical grid to date. And most actual information security professionals don’t seem to think it is a “likely” scenario as Koppel claims. The whole thing seems to fit into the usual category of cyberFUD from political insiders who are salivating over the ability to make tons and tons of money by peddling fear.

Is it important to protect infrastructure like the electric grids? Yes. Should we be aware of actual threats? Absolutely. But overhyping the actual threat doesn’t help anyone and just spreads fear… and that fear is quickly lapped up by people who will use it to profit for themselves.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Ted Koppel Writes Entire Book About How Hackers Will Take Down Our Electric Grid… And Never Spoke To Any Experts”

Subscribe: RSS Leave a comment
60 Comments
Anonymous Coward says:

Pshah...

Hardly a revolutionary concept.

If you want a thought provoking look at what we could face given an national power grid failure (although extremely dated at this point) – you might find the first episode of James Burke’s “Connections” (from 1978) called “Tigger Effect” rather interesting. It details what actually did happen in 1965 New York during a massive power failure. It also has some thought provoking scenarios on survival.

https://en.wikipedia.org/wiki/Connections_(TV_series)

But I do love the modern mental masturbation of “omg! what if the power went out!”… because I live where it does, every year, for days at a time. It amazes me just how reliant on modern technology we have become as a society. Without something as simple as power, we act as if we’d all perish instantly. I tell you what – if you want to survive such a catastrophe, one of the LAST things you should be doing is taking away guns.

Kal Zekdor (profile) says:

Re: Re: Pshah...

Kinda reminds me of the short-lived X-Files spin-off (lot of hyphens there…) The Lone Gunmen. The first episode was about the US pulling a false flag op, flying commercial planes into the World Trade Center in order to justify a war to increase arms sales and defense contractor profits. This aired in March of 2001.

ltlw0lf (profile) says:

Re: Re: Re: Pshah...

Kinda reminds me of the short-lived X-Files spin-off (lot of hyphens there…) The Lone Gunmen.

Sad that show only aired thirteen episodes and was cancelled after one season. At least they aired all thirteen of them before killing the show, unlike another awesome show that only had 13 episodes before it was killed, two years later.

Fox, where good shows are killed off in their infancy or left on way too long after they stopped being watchable, ahem, Simpsons, X-Files. (Though Simpsons does still have some watchability.)

Anonymous Coward says:

Re: Pshah...

Connections was brilliant, and it’s still fun to watch the delivery of the material, even if it involves some dated (deprecated?) bits. Unlike modern popular science programming that drags bigfoot and aliens into every bullshit story, Burke could claim that Napoleon was responsible for the Saturn V rocket… and prove it. Damn fun.

ltlw0lf (profile) says:

Re: Re: Pshah...

Connections was brilliant, and it’s still fun to watch the delivery of the material

I still wish they would play Connections (the first season,) as mandatory material for budding IP Maximalists…and anyone who trots out the line “Why build on someone elses’ stuff, build your own new concept/idea” should have Connections beamed into their head 24/7/365 until they understand that there are no new concepts/ideas, and everything in the world is built on stuff that came before it.

Roger Strong (profile) says:

Re: Re: Re: Pshah...

Excellent point.

I recently watched the The PBS series The Mystery of Matter: Search for the Elements. I shudder to think of how much our civilization would be set back if each new element, each new method of discovering new elements and their properties, and Mendeleev’s Periodic Table itself were encumbered by patents.

Anonymous Coward says:

Re: Re: Re: Pshah...

I had a friend with a twelve year old daughter for whom I purchased the Connections3 box set, just so I could get her to watch a couple of episodes relevant to her school work (naturally, I planned to then permanently “borrow” the DVDs). She watched every episode and loved it. I was so stunned I’m still suffering from residual effects several years later.

orbitalinsertion (profile) says:

Never mind we are more likely to suffer outages because of the practices of utilities and their own unpreparedness (and lack of updating design) for problems. Did i say more likely? Oh, wait, it actually happens.

Never mind someone breaking into a SCADA system to shut things off. (But do remind me why any of these things, again, are connected to public networks.) And the actual consequence here is… what, exactly? Possibly some larger areas could be affected at the same time? That doesn’t really make things worse, it just kind of sucks for more people.

And what, pray tell, is the government supposed to do about it after the fact? Keep a billion generators in warehouses and truck them out afterward and hook them up to various neighborhoods?

Anonymous Coward says:

Re: Re:

Never mind someone breaking into a SCADA system to shut things off. (But do remind me why any of these things, again, are connected to public networks.)

Maintaining a proper airgap is hard. See Iran vs. Stuxnet for example.

SCADA lets power companies increase efficiency e.g. by bringing plants online and offline as needed without needing 24-hour staffing at each plant. (A while ago I toured a small hydroelectric plant with beautiful circa-1890 instruments—but they no longer worked, having been replaced with a SCADA system years ago. It used to be that a person on duty would manually adjust the phase to match the grid’s, using the friction of a rope on the rotor, before bringing the plant online. Now, some computer algorithm can do it from across the country with no human involvement.)

Power grids generally cover a huge area—the continental USA and Canada share just 4 major ones (East, West, Quebec, Texas). You’ll have hundreds of plants operated by various entities, with thousands of field technicians who’ll need some sort of SCADA access. Do you make sure that none of their laptops have ever connected to the internet? They all have wifi now and they could have picked up some virus/worm that will jump into the private net. Or if they’ll never connect to the internet, how will they get security updates? How will they get email from managers who need to communicate with the public as well as the employees?

Realistically these networks are going to be connected. Presumably with firewalls, but a firewall is basically a PC with two NICs and isn’t going to be 100% secure. It’ll be cracked and people will wonder why the SCADA system was connected to the internet anyway.

farooge (profile) says:

What?

I work in I.T. at a LARGE municipal utility so, maybe, I know a little more about this subject than Ted (maybe?).

Anyway, I 100% GUARANTEE if we got ‘hacked’ (which is a difficult proposition in the first place – NERC & FERC are DILIGENT in their assessments) we would simply disconnect the ‘smart grid’ and go back to the ‘old way’ of keeping the lights on.

It’s not rocket science.

Anonymous Coward says:

Solar panels could destroy U.S. utilities,

according to U.S. utilities

Wanna bet Koppel was secretly paid by the electrical utilities/nuclear power industry?

Because the electrical utilities are quickly heading for extinction, they are wrapping themselves in the cyberthreat security blanket in order to thwart distributed solar energy generation and to gain subsidies from the federal Homeland Security teat. Any such “cyberwashing” money would be far better spent to *accelerate* the inevitable rush to distributed generation to the point that the “critical infrastructure” grid simply isn’t “critical” anymore.

http://grist.org/climate-energy/solar-panels-could-destroy-u-s-utilities-according-to-u-s-utilities/

http://www.eei.org/ourissues/finance/Documents/disruptivechallenges.pdf

madasahatter (profile) says:

Doing what celebrity journalists do best

Koppel must subtract from the sum total of human knowledge every time he breaths. Cyber attacks against infrastructure are possible. But each plant and network will likely have a different SCADA system and implementation. The attacks would be tailored to a specific target, very doable, but not likely to take the entire North American electric grid.

What many are concerned about is old-fashioned sabotage against remote substations. The hardware in substation is more difficult to replace or fix than a SCADA or computer system. With the “proper” selection of substations, the utilities may have more difficulty bringing the affected parts back online. It is not like they keep a lot of spare parts around beyond what they expect to be taken out by natural disasters.

Anonymous Coward says:

Electromagnetic pulse

…? All you really need to read is the following question and answer from an interview Koppel did with CSO Online

Also from that interview with CSO Online:

You wrote that one estimate of what it would cost to harden our defenses against an EMP (electromagnetic pulse) attack was $2 billion.…

These things generally end up costing more than the original estimates. But let’s say that protecting against EMPs…

From Wikipedia:

An electromagnetic pulse (commonly abbreviated as EMP, pronounced /iː.ɛm.piː/) is a burst of electromagnetic radiation. Nuclear explosions create a characteristic pulse of electromagnetic radiation called a nuclear EMP or NEMP.

The resulting rapidly changing electric fields and magnetic fields may couple with electrical/electronic systems to produce damaging current and voltage surges. The specific characteristics of any particular nuclear EMP event vary according to a number of factors. The greatest of these factors is the altitude of the detonation. . . .

Anonymous Coward says:

Re: Electromagnetic pulse

The greatest of these factors is the altitude of the detonation. . . .

Also from Wikipedia:

Kevin David Mitnick (born August 6, 1963) . . .

Mitnick served five years in prison—four and a half years pre-trial and eight months in solitary confinement—because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to “start a nuclear war by whistling into a pay phone”, meaning that law enforcement told the judge that he could somehow dial into the NORAD modem via a payphone from prison and communicate with the modem by whistling to launch nuclear missiles.

(Footnotes omitted.)

Anonymous Coward says:

Re: Re: Re:2 Electromagnetic pulse

Nobody doubts the ability to connect via a modem

You can whistle the V.90 song?    Wow. That’s a little more advanced than whistling Dixie.

 

 

( I suppose to avoid being anachronistic, I should’ve asked whether you can whistle the V.34(bis) song. Mitnik was arrested in ’95. But, otoh, when I posted the first dialup sound link, it had occurred to me that some youngsters might be utterly unfamiliar with the sounds. And, I was in hurry, so I just grabbed the first Google link. Anyhow, if you can whistle any of those songs into a payphone… Well, where would you find a payphone these days? )

PaulT (profile) says:

Re: Re: Re:3 Electromagnetic pulse

I said ability to connect via a modem, I didn’t address the idiocy of actually whistling the thing. Although, you’re still missing part of it – after the handshake you would still have to issue commands…

Regardless of how it’s done, if there’s a live modem connection on their end that’s not only accepting random external connections, but has the ability to trigger nuclear alerts as a result… well, that’s far scarier than anything Mitnick could have done. Especially since there was a famous movie made over 10 years beforehand showing what could happen if that exact flaw was exploited.

“Anyhow, if you can whistle any of those songs into a payphone… Well, where would you find a payphone these days?”

To be fair, the quoted text did specify a prison payphone, and as you say it was in the 90s so there would have been plenty when that was said.

Anonymous Coward says:

Re: Re: Re:4 Electromagnetic pulse

To be fair…

Wikipedia again:

Joybubbles (May 25, 1949 – August 8, 2007), born Josef Carl Engressia, Jr. in Richmond, Virginia, USA, was an early phone phreak. Born blind, he became interested in telephones at age four. He had absolute pitch, and was able to whistle 2600 hertz into a telephone (see Blue box) . . . .

 . . . A student at the University of South Florida in the late 1960s, he was given the nickname “Whistler” due to his ability to place free long distance phone calls by whistling the proper tones with his mouth. After a Canadian operator reported him for selling such calls for $1 at the university . . .

John Fenderson (profile) says:

Re: Re: Re:5 Electromagnetic pulse

Joybubbles is legendary, however his whistling feat was far from superhuman. The tones that had to be produced to fool the system into thinking that you’ve paid were very simple ones.

Whistling even a ’60s-era 300 baud modem tone is many orders of magnitude more complex (and still possible for nonsuperhumans — I used to be able to convince those modems that a connection was being made by doing so).

PaulT (profile) says:

Re: Re: Re:5 Electromagnetic pulse

“2600 hertz”

Slightly different to a 56K connection, don’t you think?

“long distance phone calls by whistling the proper tones”

Slightly different to a modem handshake process, don’t you think?

I’m not sure why you’re arguing here. Even if it were possible to do this, the problem is with the US government having its nuclear arsenal connected to the public phone system and accepting launch codes from that location. Not that someone with superhuman whistling abilities might have been able to issue them such a signal.

That Anonymous Coward (profile) says:

Hey I know, lets take a former talking head who managed to duck out before losing all credibility and give him the party line. He learned to just accept what we tell him and report it with a straight face before and an asset like that will help. He scores high with the older demo and him telling them a story will get that voting block riled up enough to vote how we need them to.

ERIK (profile) says:

Planning for Grid Failure

What seems the most pertinent point in Ted’s Book (I bought Kindle version and read straight through), is that no one seems to be able to put their arms around “planning!” Assuming that a major event takes down the whole US grid, there is an expected loss of 90% of the US population. There appears to be no planning for such a disaster.

And an expected major solar event, such as “The Perfect Solar Super Storm of 1859” could take out electric power world-wide. This would be worse than a Nuclear EMP upon the US.

Ted mentions the recent destruction of a large transformer power sub-station in San Jose, Calif. At least two gunners shot for 15 minutes with AK-47 automatic rifles.

Now, there are 37mm bazooka launchers that could take down a super-sized transformer power station with one shot. 9 of these in strategic locations throughout the US could take down the whole US grid.

Civilization will survive, with some preppers incuded, but the world over-population problem would go away. NOAH’S Ark folks can plan and survive.

Prashanth (profile) says:

Saw him this week on The Daily Show

I saw his interview two nights ago on The Daily Show, and I was a bit disappointed to see Trevor Noah just rolling with it. More than that, though, I smelled something fishy when Ted Koppel was quoting DHS and other such people as his sources for his apocalyptic predictions, given their history of overhyping these threats; in that sense, I’m glad to see that it wasn’t just me. It’s sad to see a man with such a storied and respected history in journalism stoop to such levels just to stay relevant today.

trevor999 (profile) says:

Grid

I have an old copy (October 1989) of Omni magazine (anyone remember that?) that goes into detail of a hypothetical terrorist attack on infrastructure in the US. This was long before cyber attacks etc. One thing that was mentioned was a PHYSICAL attack on the electrical and LNG grid by destroying (with not much more than high powered rifles and grenade launchers) a number of EHV transformers and LNG compressors. There are relatively few of these transformers and compressors, they’re expensive and usually built as needed and not kept in stock, and typically have a 6 – 18 month lead time. In the scenario, Washington DC, New York/Newark, Boston, Chicago, Dallas/Fort Worth, Los Angeles, Atlanta and Oakland/San Francisco were blacked out for 6 months. The LNG compressors were much the same, taking up to a year for replacement.

Imagine 8 of the largest metropolitan areas blacked out for at least 6 months and the LNG grid for the north east crippled for a year or more.

tqk (profile) says:

XKCD.

I have a dream where all these Washington DC policy wonks make XKCD their home page. !@#$ like this wouldn’t happen.

I’ve never understood why anybody thought Koppel was worth watching, much less insightful. I watched Sunday morning talking head shows for years, finally coming to understand it’s just politicians’ way of marketing themselves, and there’s really no “there” there. Glad I got over that addiction. Amazon should be ashamed. What a stupid sounding book.

GEMont (profile) says:

Re: XKCD.

Years of selling fantasy as reality on the TV have definitely prepared Ted well for his debut as a science fiction writer. He seems to be using the same sources for his factoids now, that he did back then, too.

Who knows. Maybe some day, he’ll found a religion based on his sci-fi books, and then turn it into a millionaire con-game like Scientology.

Hell. Maybe that’s his plan!

Anonymous Coward says:

So basically, he wrote a novel that looks as though it’ll get turned into a movie. But he called it a journalism book because he doesn’t know how to write a novel.

Then again, I’d probably go see it even if it is poorly researched and far-fetched. It’d have to be better than the remake and sequel diarrhea that Sony, WB, and the Maus Haus have been squatting out for the past 5 years or so.

PaulT (profile) says:

Re: Re:

“It’d have to be better than the remake and sequel diarrhea that Sony, WB, and the Maus Haus have been squatting out for the past 5 years or so.”

If you’re tired of those, you can help out by actually paying to see the many excellent original movies that get released every year but struggle with distribution because theatres assume everyone just wants to see the new Transformers instead. Sure, you might have to travel slightly further or read up on movies that aren’t advertised on billboards, but it’s worth the effort.

Or, you can support movies you think will be crap right out of the gate, ensuring they will make more of them. Your choice.

Bob says:

Who is the problem, you or Koppel? You say don’t worry, Koppel says worry. If we don’t worry and something DOES happen, will you save me? Not likely. If we do worry, make the system more robust (anti-fragile) and nothing happens, well sure, someone will have profited. But we end up with a better system. Better than millions dead. What’s so bad about that?
Which leads to ….
Are you my enemy?

tqk (profile) says:

Re: Re:

If we don’t worry and something DOES happen, will you save me?

My information offered to you may save you.

There’s (at least) two things going on:
– the sky may be falling.
– there’s wolves at the door wanting to eat you.

Koppel’s ignorantly and arrogantly focusing his Chicken Little energies when he should be thinking Three Little Pigs. A little bit of research, and less credulousness, would have saved him from this.

nasch (profile) says:

Re: Re:

Who is the problem, you or Koppel?

Koppel. What problem do you think Techdirt is causing here?

You say don’t worry, Koppel says worry.

The main point isn’t “don’t worry”, it’s “don’t make up alarmist bullshit and try to sell it as fact”. You’re kind of illustrating the problem – people tend to swallow the bullshit, and then we might spend time and money on things that are not necessary, when they could be better used elsewhere.

Anonymous Coward says:

1 I am not profiting from telling people this info. But if they can hack into some of the better protected home computer or cell phone which alotvputvto much info on to get all types of info on people such as credit cards medical history. A bank accounts, and other info I don’t doubt at sometime they will be able to hack the electrical grid. Only thing to stop them is go off grid.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...