Ted Koppel Writes Entire Book About How Hackers Will Take Down Our Electric Grid… And Never Spoke To Any Experts
from the fudmongering dept
Famous TV news talking head Ted Koppel recently came out with a new book called Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath. The premise, as you may have guessed, is that we’re facing a huge risk that “cyberattackers” are going to take down the electric grid, and will be able to take it down for many weeks or months, and the US government isn’t remotely prepared for it. Here’s how Amazon describes the book:
Investigative reporting that reads like fiction – or maybe I just wish it was fiction. In Lights Out, Ted Koppel flashes his journalism chops to introduce us to a frightening scenario, where hackers have tapped into and destroyed the United States power grids, leaving Americans crippled. Koppel outlines the many ways our government and response teams are far from prepared for an un-natural disaster that won’t just last days or weeks – but months – and also shows us how a growing number of individuals have taken it upon themselves to prepare. Whether you pick up this book to escape into a good story, or for a potentially potent look into the future, you will not be disappointed.
The book also has quotes (“blurbs” as they’re called) from lots of famous people — nearly all of whom are also famous TV news talking heads or DC insiders who have a long history of hyping up “cyber” threats. But what’s not on the list? Anyone with any actual knowledge or experience in actual computer security, especially as it pertains to electric grids.
Want to know how useful the book actually is? All you really need to read is the following question and answer from an interview Koppel did with CSO Online:
Did you interview penetration testers who have experience in the electric generation/transmission sector for this book?
No, I did not.
Also in that interview, Koppel admits that he hasn’t heard anything from actual information security professionals (though he admits he may have missed it since he’s been on the book tour). But, still, if you’re writing an entire book with a premise based entirely on information security practices, you’d think that this would be the kind of thing you’d do before you write the book, rather than after it’s been published. Instead, it appears that Koppel just spoke to DC insiders who have a rather long history of totally overhyping “cyberthreats” — often for their own profits. In another interview, Koppel insists that he didn’t want to be spreading rumors — but doesn’t explain why he didn’t actually speak to any technical experts.
?Going in, what I really wanted to do was make sure I wasn?t just spreading nasty rumors,? said Koppel in a phone interview…. ?After talking to all these people, I satisfied my own curiosity that this not just a likelihood but almost inevitable.?
“All these people”… who apparently did not include any computer security experts. Koppel claims that this isn’t a priority because Homeland Security doesn’t want to “worry” the American public:
?The public would have to understand it?s a plan that will work but if you don?t have a plan, that can be more worrisome. I just hope it becomes part of the national conversation during the presidential campaign.?
What?!? Homeland Security doesn’t want to worry the American public? Which Homeland Security is he talking about? The one that manhandles the American public every time they go to an airport? The same one that is constantly fearmongering about “cyber attacks” and “cyber Pearl Harbor”? Is Koppel living in some sort of alternative universe?
Is there a chance that hackers could take down electric grids and it would cause serious problems? Sure. Anything’s possible, but somehow we’ve gotten along without a single incident ever of hackers taking down any part of the electrical grid to date. And most actual information security professionals don’t seem to think it is a “likely” scenario as Koppel claims. The whole thing seems to fit into the usual category of cyberFUD from political insiders who are salivating over the ability to make tons and tons of money by peddling fear.
Is it important to protect infrastructure like the electric grids? Yes. Should we be aware of actual threats? Absolutely. But overhyping the actual threat doesn’t help anyone and just spreads fear… and that fear is quickly lapped up by people who will use it to profit for themselves.
Filed Under: cyberattacks, cybersecurity, electric grid, fearmongering, information security, ted koppel
Comments on “Ted Koppel Writes Entire Book About How Hackers Will Take Down Our Electric Grid… And Never Spoke To Any Experts”
As Seen on TV
Who knew that TV news personalities were adept at fiction, even calling their fantasies non-fiction.
Strange description
How can they call it “investigative reporting” if he didn’t do any investigation? Actually, I think that also strikes the word “reporting”. Just call it what it is, speculative fiction, and all is well.
Pshah...
Hardly a revolutionary concept.
If you want a thought provoking look at what we could face given an national power grid failure (although extremely dated at this point) – you might find the first episode of James Burke’s “Connections” (from 1978) called “Tigger Effect” rather interesting. It details what actually did happen in 1965 New York during a massive power failure. It also has some thought provoking scenarios on survival.
https://en.wikipedia.org/wiki/Connections_(TV_series)
But I do love the modern mental masturbation of “omg! what if the power went out!”… because I live where it does, every year, for days at a time. It amazes me just how reliant on modern technology we have become as a society. Without something as simple as power, we act as if we’d all perish instantly. I tell you what – if you want to survive such a catastrophe, one of the LAST things you should be doing is taking away guns.
Re: Pshah...
Today that first episode is rather creepy to watch. It starts with Burke at the foot of the Word Trade Center towers and then on the roof, talking about a jetliner on a collision course with the towers during the blackout.
The entire series is well worth watching even today.
Re: Re: Pshah...
Kinda reminds me of the short-lived X-Files spin-off (lot of hyphens there…) The Lone Gunmen. The first episode was about the US pulling a false flag op, flying commercial planes into the World Trade Center in order to justify a war to increase arms sales and defense contractor profits. This aired in March of 2001.
Re: Re: Re: Pshah...
Kinda reminds me of the short-lived X-Files spin-off (lot of hyphens there…) The Lone Gunmen.
Sad that show only aired thirteen episodes and was cancelled after one season. At least they aired all thirteen of them before killing the show, unlike another awesome show that only had 13 episodes before it was killed, two years later.
Fox, where good shows are killed off in their infancy or left on way too long after they stopped being watchable, ahem, Simpsons, X-Files. (Though Simpsons does still have some watchability.)
Re: Pshah...
Connections was brilliant, and it’s still fun to watch the delivery of the material, even if it involves some dated (deprecated?) bits. Unlike modern popular science programming that drags bigfoot and aliens into every bullshit story, Burke could claim that Napoleon was responsible for the Saturn V rocket… and prove it. Damn fun.
Re: Re: Pshah...
Connections was brilliant, and it’s still fun to watch the delivery of the material
I still wish they would play Connections (the first season,) as mandatory material for budding IP Maximalists…and anyone who trots out the line “Why build on someone elses’ stuff, build your own new concept/idea” should have Connections beamed into their head 24/7/365 until they understand that there are no new concepts/ideas, and everything in the world is built on stuff that came before it.
Re: Re: Re: Pshah...
Excellent point.
I recently watched the The PBS series The Mystery of Matter: Search for the Elements. I shudder to think of how much our civilization would be set back if each new element, each new method of discovering new elements and their properties, and Mendeleev’s Periodic Table itself were encumbered by patents.
Re: Re: Pshah...
I have all 3 seasons – and still watch them on occasion to brush up on some of my history trivia.
Sadly, trying to get my kids to watch it usually results in lots of groans and an exodus from the living room (which has its own perks).
Re: Re: Re: Pshah...
I had a friend with a twelve year old daughter for whom I purchased the Connections3 box set, just so I could get her to watch a couple of episodes relevant to her school work (naturally, I planned to then permanently “borrow” the DVDs). She watched every episode and loved it. I was so stunned I’m still suffering from residual effects several years later.
Well he did see "Die hard" and stayed in a Motel 6...
So I guess we just have to leave the light on for him… while we still can anyway.
What this really goes to show is just how one sided the media is these days. They use the government for their references rather than people who actually are in the field.
It’s sad how much our media is just propaganda these days…
Never mind we are more likely to suffer outages because of the practices of utilities and their own unpreparedness (and lack of updating design) for problems. Did i say more likely? Oh, wait, it actually happens.
Never mind someone breaking into a SCADA system to shut things off. (But do remind me why any of these things, again, are connected to public networks.) And the actual consequence here is… what, exactly? Possibly some larger areas could be affected at the same time? That doesn’t really make things worse, it just kind of sucks for more people.
And what, pray tell, is the government supposed to do about it after the fact? Keep a billion generators in warehouses and truck them out afterward and hook them up to various neighborhoods?
Re: Re:
Maintaining a proper airgap is hard. See Iran vs. Stuxnet for example.
SCADA lets power companies increase efficiency e.g. by bringing plants online and offline as needed without needing 24-hour staffing at each plant. (A while ago I toured a small hydroelectric plant with beautiful circa-1890 instruments—but they no longer worked, having been replaced with a SCADA system years ago. It used to be that a person on duty would manually adjust the phase to match the grid’s, using the friction of a rope on the rotor, before bringing the plant online. Now, some computer algorithm can do it from across the country with no human involvement.)
Power grids generally cover a huge area—the continental USA and Canada share just 4 major ones (East, West, Quebec, Texas). You’ll have hundreds of plants operated by various entities, with thousands of field technicians who’ll need some sort of SCADA access. Do you make sure that none of their laptops have ever connected to the internet? They all have wifi now and they could have picked up some virus/worm that will jump into the private net. Or if they’ll never connect to the internet, how will they get security updates? How will they get email from managers who need to communicate with the public as well as the employees?
Realistically these networks are going to be connected. Presumably with firewalls, but a firewall is basically a PC with two NICs and isn’t going to be 100% secure. It’ll be cracked and people will wonder why the SCADA system was connected to the internet anyway.
What was his incentive for this?
Anyone want to guess what incentive the FBI/NSA/etc. gave him to write this piece of garbage?
Anything to make a buck, and it is legal. Lie all you want and fabricate, it does not matter. The whole concept is that if it is in a published book or on the internet it has to be real.
What?
I work in I.T. at a LARGE municipal utility so, maybe, I know a little more about this subject than Ted (maybe?).
Anyway, I 100% GUARANTEE if we got ‘hacked’ (which is a difficult proposition in the first place – NERC & FERC are DILIGENT in their assessments) we would simply disconnect the ‘smart grid’ and go back to the ‘old way’ of keeping the lights on.
It’s not rocket science.
Just like in 2003
You’ll go ahead and disconnect just like utilities easily did during the Northeast blackout of 2003?
That was cause by a software bug. Fortunately, hackers are a lot more benign than a software bug, so I’m sure you’ll have plenty of time to disconnect.
The last blackout was caused by a software bug that didn’t set off an alarm to notify operators to redistribute power and by not keeping power line corridors free of branches. But, sure, hackers.
Old News!
The No Agenda show covered (read: mocked) this extensively two weeks ago: http://naplay.it/769/1-06-12
Solar panels could destroy U.S. utilities,
according to U.S. utilities
Wanna bet Koppel was secretly paid by the electrical utilities/nuclear power industry?
Because the electrical utilities are quickly heading for extinction, they are wrapping themselves in the cyberthreat security blanket in order to thwart distributed solar energy generation and to gain subsidies from the federal Homeland Security teat. Any such “cyberwashing” money would be far better spent to *accelerate* the inevitable rush to distributed generation to the point that the “critical infrastructure” grid simply isn’t “critical” anymore.
http://grist.org/climate-energy/solar-panels-could-destroy-u-s-utilities-according-to-u-s-utilities/
http://www.eei.org/ourissues/finance/Documents/disruptivechallenges.pdf
Fact Checking Anyone?
Why let facts or expert evidence get in the way of a sweet book deal?
Doing what celebrity journalists do best
Koppel must subtract from the sum total of human knowledge every time he breaths. Cyber attacks against infrastructure are possible. But each plant and network will likely have a different SCADA system and implementation. The attacks would be tailored to a specific target, very doable, but not likely to take the entire North American electric grid.
What many are concerned about is old-fashioned sabotage against remote substations. The hardware in substation is more difficult to replace or fix than a SCADA or computer system. With the “proper” selection of substations, the utilities may have more difficulty bringing the affected parts back online. It is not like they keep a lot of spare parts around beyond what they expect to be taken out by natural disasters.
Electromagnetic pulse
Also from that interview with CSO Online:
From Wikipedia:
Re: Electromagnetic pulse
Also from Wikipedia:
(Footnotes omitted.)
Re: Re: Electromagnetic pulse
Top link from a Google search:
Re: Re: Re: Electromagnetic pulse
How would a modem handshake attempt trigger a nuclear war? Nobody doubts the ability to connect via a modem, the question would be why a 56K connection would have the asserted result.
As good a film as it is, this was not a documentary: https://en.wikipedia.org/wiki/WarGames
Re: Re: Re:2 Electromagnetic pulse
You can whistle the V.90 song? Wow. That’s a little more advanced than whistling Dixie.
( I suppose to avoid being anachronistic, I should’ve asked whether you can whistle the V.34(bis) song. Mitnik was arrested in ’95. But, otoh, when I posted the first dialup sound link, it had occurred to me that some youngsters might be utterly unfamiliar with the sounds. And, I was in hurry, so I just grabbed the first Google link. Anyhow, if you can whistle any of those songs into a payphone… Well, where would you find a payphone these days? )
Re: Re: Re:3 Electromagnetic pulse
I said ability to connect via a modem, I didn’t address the idiocy of actually whistling the thing. Although, you’re still missing part of it – after the handshake you would still have to issue commands…
Regardless of how it’s done, if there’s a live modem connection on their end that’s not only accepting random external connections, but has the ability to trigger nuclear alerts as a result… well, that’s far scarier than anything Mitnick could have done. Especially since there was a famous movie made over 10 years beforehand showing what could happen if that exact flaw was exploited.
“Anyhow, if you can whistle any of those songs into a payphone… Well, where would you find a payphone these days?”
To be fair, the quoted text did specify a prison payphone, and as you say it was in the 90s so there would have been plenty when that was said.
Re: Re: Re:4 Electromagnetic pulse
Wikipedia again:
Re: Re: Re:5 Electromagnetic pulse
Joybubbles is legendary, however his whistling feat was far from superhuman. The tones that had to be produced to fool the system into thinking that you’ve paid were very simple ones.
Whistling even a ’60s-era 300 baud modem tone is many orders of magnitude more complex (and still possible for nonsuperhumans — I used to be able to convince those modems that a connection was being made by doing so).
Re: Re: Re:5 Electromagnetic pulse
“2600 hertz”
Slightly different to a 56K connection, don’t you think?
“long distance phone calls by whistling the proper tones”
Slightly different to a modem handshake process, don’t you think?
I’m not sure why you’re arguing here. Even if it were possible to do this, the problem is with the US government having its nuclear arsenal connected to the public phone system and accepting launch codes from that location. Not that someone with superhuman whistling abilities might have been able to issue them such a signal.
Energy production is a result of physical and chemical processes. If we don’t allow the government to insert back doors into everything the hackers may knock out our power by hacking the laws of physics and chemistry.
Hey I know, lets take a former talking head who managed to duck out before losing all credibility and give him the party line. He learned to just accept what we tell him and report it with a straight face before and an asset like that will help. He scores high with the older demo and him telling them a story will get that voting block riled up enough to vote how we need them to.
But overhyping the actual threat doesn’t help anyone and just spreads fear… and that fear is quickly lapped up by people who will use it to profit for themselves.
So you see, it does help someone.
Planning for Grid Failure
What seems the most pertinent point in Ted’s Book (I bought Kindle version and read straight through), is that no one seems to be able to put their arms around “planning!” Assuming that a major event takes down the whole US grid, there is an expected loss of 90% of the US population. There appears to be no planning for such a disaster.
And an expected major solar event, such as “The Perfect Solar Super Storm of 1859” could take out electric power world-wide. This would be worse than a Nuclear EMP upon the US.
Ted mentions the recent destruction of a large transformer power sub-station in San Jose, Calif. At least two gunners shot for 15 minutes with AK-47 automatic rifles.
Now, there are 37mm bazooka launchers that could take down a super-sized transformer power station with one shot. 9 of these in strategic locations throughout the US could take down the whole US grid.
Civilization will survive, with some preppers incuded, but the world over-population problem would go away. NOAH’S Ark folks can plan and survive.
Re: Planning for Grid Failure
firstly, welcome to the terrorist trainer list…
secondly, ‘Erik’ was taken already ? ? ?
thirdly, the ark may just be the last refuge when waterworld becomes reality…
fourthly, the zombie hordes will conquer all…
Re: Planning for Grid Failure
The NOAH’S Ark survival project ran into some design problems. They made a few adjustments, built a new one, and now you’re all invited to sign up for NOAH’S Ark Ship B.
Sounds like he recently watched the 4th die hard film. But thankfully not the 5th as that was complete drek.
Want uu yo bo sacred as they are
Dint blame some. We gall have or liking. Mine liking is from “favors”idiots…….I Might be 59 but glad to kelp all!!! That sows heart
Give help and no flail?
Wish my youth did not problems with evidence robbers from below cell cell.
I am real, need wgoleseal and is Geat # 4 we will talk!
hit me cookie
Saw him this week on The Daily Show
I saw his interview two nights ago on The Daily Show, and I was a bit disappointed to see Trevor Noah just rolling with it. More than that, though, I smelled something fishy when Ted Koppel was quoting DHS and other such people as his sources for his apocalyptic predictions, given their history of overhyping these threats; in that sense, I’m glad to see that it wasn’t just me. It’s sad to see a man with such a storied and respected history in journalism stoop to such levels just to stay relevant today.
Grid
I have an old copy (October 1989) of Omni magazine (anyone remember that?) that goes into detail of a hypothetical terrorist attack on infrastructure in the US. This was long before cyber attacks etc. One thing that was mentioned was a PHYSICAL attack on the electrical and LNG grid by destroying (with not much more than high powered rifles and grenade launchers) a number of EHV transformers and LNG compressors. There are relatively few of these transformers and compressors, they’re expensive and usually built as needed and not kept in stock, and typically have a 6 – 18 month lead time. In the scenario, Washington DC, New York/Newark, Boston, Chicago, Dallas/Fort Worth, Los Angeles, Atlanta and Oakland/San Francisco were blacked out for 6 months. The LNG compressors were much the same, taking up to a year for replacement.
Imagine 8 of the largest metropolitan areas blacked out for at least 6 months and the LNG grid for the north east crippled for a year or more.
How the Internet Stole Our Rights
So, Ted Koppel is a science fiction writer now.
Hooda thunk it? 🙂
—
german hackers (like the ccc)
publish every other week a report on weaknesses in infrastructure …
there is plenty of youtube videos with funny accent here
https://www.youtube.com/user/CCCdeVideos/videos
so if (let’s say german) hackers wanted to have a huge blackout in the EU, they could have done that already.
Did you actually read the book?
“…it appears…”
If you are going to trash a book in this manner, at least read it first rather than relying on second hand accounts.
Re: Did you actually read the book?
They relied on the first hand account of him admitting that he did no research with anyone knowledgeable about the subject. The phrase you quoted refers to the research he used for the book, not the content of the book, so reading it would change nothing.
XKCD.
I have a dream where all these Washington DC policy wonks make XKCD their home page. !@#$ like this wouldn’t happen.
I’ve never understood why anybody thought Koppel was worth watching, much less insightful. I watched Sunday morning talking head shows for years, finally coming to understand it’s just politicians’ way of marketing themselves, and there’s really no “there” there. Glad I got over that addiction. Amazon should be ashamed. What a stupid sounding book.
Re: XKCD.
Years of selling fantasy as reality on the TV have definitely prepared Ted well for his debut as a science fiction writer. He seems to be using the same sources for his factoids now, that he did back then, too.
Who knows. Maybe some day, he’ll found a religion based on his sci-fi books, and then turn it into a millionaire con-game like Scientology.
Hell. Maybe that’s his plan!
—
So basically, he wrote a novel that looks as though it’ll get turned into a movie. But he called it a journalism book because he doesn’t know how to write a novel.
Then again, I’d probably go see it even if it is poorly researched and far-fetched. It’d have to be better than the remake and sequel diarrhea that Sony, WB, and the Maus Haus have been squatting out for the past 5 years or so.
Re: Re:
“It’d have to be better than the remake and sequel diarrhea that Sony, WB, and the Maus Haus have been squatting out for the past 5 years or so.”
If you’re tired of those, you can help out by actually paying to see the many excellent original movies that get released every year but struggle with distribution because theatres assume everyone just wants to see the new Transformers instead. Sure, you might have to travel slightly further or read up on movies that aren’t advertised on billboards, but it’s worth the effort.
Or, you can support movies you think will be crap right out of the gate, ensuring they will make more of them. Your choice.
TK's cyber-book
maybe he didn’t get to ask an expert
because they were smart enough to ignore him.
Ted Koppel is a pen name
I have a very reliable source that told me that Ted Koppel is Donald Trump’s pen name.
Who is the problem, you or Koppel? You say don’t worry, Koppel says worry. If we don’t worry and something DOES happen, will you save me? Not likely. If we do worry, make the system more robust (anti-fragile) and nothing happens, well sure, someone will have profited. But we end up with a better system. Better than millions dead. What’s so bad about that?
Which leads to ….
Are you my enemy?
Re: Re:
My information offered to you may save you.
There’s (at least) two things going on:
– the sky may be falling.
– there’s wolves at the door wanting to eat you.
Koppel’s ignorantly and arrogantly focusing his Chicken Little energies when he should be thinking Three Little Pigs. A little bit of research, and less credulousness, would have saved him from this.
Re: Re:
Who is the problem, you or Koppel?
Koppel. What problem do you think Techdirt is causing here?
You say don’t worry, Koppel says worry.
The main point isn’t “don’t worry”, it’s “don’t make up alarmist bullshit and try to sell it as fact”. You’re kind of illustrating the problem – people tend to swallow the bullshit, and then we might spend time and money on things that are not necessary, when they could be better used elsewhere.
1 I am not profiting from telling people this info. But if they can hack into some of the better protected home computer or cell phone which alotvputvto much info on to get all types of info on people such as credit cards medical history. A bank accounts, and other info I don’t doubt at sometime they will be able to hack the electrical grid. Only thing to stop them is go off grid.
Lack of Citations from Ted Koppel in Lights Out
Ted Koppel sites his interviews with cyber security experts here:
https://www.youtube.com/watch?v=TN8AscHzeFQ
Did you actually read the book?
Just inside the cover, Richard Clarke, former national coordinator for Security, Infrastructure Protection, and Counter-terrorism during the Clinton and George W. Bush years praises it in no uncertain terms.