[PCWorld]

Post your comments for CIA Says Hackers Have Cut Power Grid here

[caliphate]

we need bruce willis now more than ever

[evilboyd]

Just like the california grid/wepex in freemont a few years ago only they tried to cover it up with power shortage comment. They still have not fixed some of the issues.

[esklsnrq8]

Ya know, nobody gets it. Its all played out like a movie script. A little cloak and daggar.

Its not cool. It is very serious. The welfare of our nation and perhaps the world depends on the safety of the net.

If a couple of thugs can ransom electricity, what are the possibilities of other governments doing the same?

When these thugs are cought and identified they should be sumarily put to death, in public and televised for the rest of them to know that this will no longer be tolerated.

Its time for the good people of the world to enjoy the freedoms they are due and take their place in society without fear and without having to hide everything they do. If we have to kill a few bad guys to insure our rights and protect the citizenary, so be it.

No one would think twice about cutting out a cancerous tumer or putting sulfer on an infected pustual. Why then grimace over the loss of a cancerous pox on society? It time to take off the kid gloves and put an end to it now!

[RDunn]

Control systems should simply be isolated from the Internet... there is no need to use the Internet, that can't be duplicated by private secure communications. Get a clue.

[Geminate]

The Internet was designed for the military by the military with your tax dollars. Now since civilians have made the Internet a public tool for communications and commerce, it is no longer of any use governmentally. The Internet should be cleared of any military or governmental use permanently; they should use solely the other options at their disposal.

[BryGuy2000]

The US internally hasn't see any power grid disruption due to hackers because the power companies are so out of date all the control systems are still using modems and clear text vt1000 interfaces. If you were able to get information regarding what phone number blocks belonged to the power companies in the area you could war dial until you found a modem that answered. Then you could do some major damage by changing breaker trip points (lets say hack in the winter, come the first hot day in spring your change could cause a major blackout). That you could do because most power companies don't change the level 2 password on relays and SCADA units from factory default. For the most part you couldn't screw with the ISOs because SCADA is a polled system. Even if you hacked the phone companies you likely wouldn't be able to do too much to disrupt the service since relays don't need to ask any questions from the source, they act on pre-programed parameters.

[OilMonkey]

The headline should read, "CIA Says Crackers Have Cut Power Grid".
This is exactly the kind of article which literally terrifies people when they hear the words "hack", "hacking" or "hackers".
There is an important difference between hacking and cracking, to quote the Webopedia.com definition of "crack":
"To break into a computer system. The term was coined in the mid-80s by hackers who wanted to differentiate themselves from individuals whose sole purpose is to sneak through security systems. Whereas crackers sole aim is to break into secure systems, hackers are more interested in gaining knowledge about computer systems and possibly using this knowledge for playful pranks. Although hackers still argue that there's a big difference between what they do and what crackers do, the mass media has failed to understand the distinction, so the two terms -- hack and crack -- are often used interchangeably."

[BryGuy2000]

I personally have never cared for the distinction. Uneducated blundering through a vunerable system can do just as much damage as intentionally crippling it. Intentions be damned, the results are what mater. Freelance white hat hackers trying distinguishing themselves from any others does no good. Do they provide a valuable service? Yes. Should they be treated any differently? No.

If a white hat hacker wants legitimacy they should sign up with a security company not try to come up with another name for what those evil black hats do.

[OilMonkey]

Uneducated blundering in any endeavor or system, vulnerable or not, can cause damage or unintended consequences (from peak oil-and-energy to economics to global warming the modern human primate, generally speaking, is a "perfect" example of such incompetence).
I agree with you on the one hand, white, black or grey hats be damned, if someone commits a crime s/he has to face the consequences.
On the other hand, I think the majority of people are unnecessarily afraid of the word hackers and easily scared by its negative connotations borne of popular myth and media.
The headline in question, for example, makes it far too easy for the average person to equate hackers with terrorists.
I see nothing wrong with the attempt to clarify the distinctions between the good intentions and ethics of hackers and the criminality and immorality of crackers.
Regardless, you clearly have nothing to worry about because the distinctions in question are too deep for the shallows of the mainstream.

[RDunn]

Hacking, cracking... is a semantics issue, and unimportant. Hacking, cracking are illegal, "playful" or not.
Safe-"cracking" merely opens the safe, it doesn't destroy it... although the money, data, etc., may be taken.
If 'white' hat hackers want to differentiate themselves... choose another term than hack.

Back to the article... it's simple, all control systems should be isolated, US or elsewhere... there should be -no- public access... only 'secured' access, if at all necessary. Public records access should be on public access systems... those systems that need access to both public and utility systems shouldn't be public. It's just stupid to have control systems that can be compromised by being "on" the Internet.... so-called "safeguards" be damned.
If the system is "on" the Internet and "firewalls" are hacked... controls will be 'cracked'. I don't make a hack/crack distinction and I'm a tech.

[OilMonkey]

I'm a tech, too, but I make the hacker/cracker distinction because I believe ignorance -- in general and specifically in this case (as detailed in the article) -- poses a greater threat to our safety, security and democracy than do the mythical, media-driven archetypes of the evil hacker and omnipotent terrorist (too often packaged and promulgated as one in the same).
As I said, obviously, those who commit crimes should do time (providing the punishment fits the crime, a two way street that often travels one way in the wrong direction).
Articles like this one -- and the misconceptions and virulent, violent responses they tend to engender -- remind me of Richard Stallman's short piece, On Hacking (stallman.org/articles/on-hacking.html):
"Yet when I say I am a hacker, people often think I am making a naughty admission, presenting myself specifically as a security breaker. How did this confusion develop?
"Around 1980, when the news media took notice of hackers, they fixated on one narrow aspect of real hacking: the security breaking which some hackers occasionally did. They ignored all the rest of hacking, and took the term to mean breaking security, no more and no less. The media have since spread that definition, disregarding our attempts to correct them. As a result, most people have a mistaken idea of what we hackers actually do and what we think.
"You can help correct the misunderstanding simply by making a distinction between security breaking and hacking—by using the term "cracking" for security breaking. The people who do it are "crackers". Some of them may also be hackers, just as some of them may be chess players or golfers; most of them are not."

[Yert]

Who predicted that we'd be hacked again? PCWorld?

[mmmna]

Wake up, people: use a firewall, use standalone systems, AND avoid Microsoft Windows!

[GaryR55]

This is a lie. Don't believe what they're telling you. They are using this as a pretext to create new legislation that will enable the NSA, CIA and FBI to "legally" restrict what we can view online, as well as to spy on your every message board post, IM and email.

[Cosmo]

DON'T DRINK THE WATER EITHER!!!!!

IT'S CONTAMINATED WITH EVIL GOVERNMENT MIND CONTROL DRUGS!!!!!!!!!

[Geminate]

The reason the term 'cracker' has not gone mainstream (since it is the proper term for data vandalism, theft and extortion) is obvious. Cracker is a derogatory name given by black people to white people which is used towards white people as nigger (the N word) is used towards black people. There wasn't room for a new additional definition for Cracker. The word Gay will forever mean homosexual, it will never mean happy again, and it will never mean anything else ever again. Hacker is now the term for Cracker, it will never change. So if Hacker is seen as negative, meaning Cracker, then a new term must be thought up to replace Hacker as it is when it is positive. Why is this so difficult to accept? Make up a new word for Hacker in the positive sense.

[MrB398]

Thats real nice. Hackers can alter a cities powergrid. Doesn't anyone do background checks on these people?