Part of Grid Network »

The Grid Professionals Group covers electric current from its transmission step down to each customer's home. 

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

Windows 7 Puts Grid at Risk

image credit: Photo 51154868 © -

  • Feb 22, 2021 5:05 pm GMT
  • 180 views

A couple weeks ago, a water treatment plant in Oldsmar, Florida, was hacked. An unidentified outside agent got into the plant’s control system and turned the water supply’s level of sodium hydroxide from 100 parts per million to 11,100 parts per million. Low levels of the chemical helps regulate the PH level of drinking water, but in large enough quantities the stuff can destroy human tissue. Luckily, an employee saw the trick in real time—it was his computer that had been taken over. Nobody was hurt. 

It’s since been revealed that the plant was using an old version of Windows 7 and Microsoft’s TeamViewer software. The hacker exploited a weak password and the outdated operating systems security holes to get in. 

I haven’t been able to find statistics, but from what I understand, many electric utilities have continued to use Microsoft 7 since the company ended support for the software in January 2020. Without official security updates for over a year now, any outfit using the software runs the risk of being hacked like the water plant in Florida. Given the international attention Texas’ grid woes have gotten the past week, it’s easy to imagine malicious actors now have a heightened interest in attacking electric systems. 

Grid operators have traditionally been loath to update their IT systems, thinking the risk outweighs the reward. However, that conventional wisdom seems evermore outdated. The grid is more connected than in the past and digital security is a primary risk concern.

Henry Craver's picture

Thank Henry for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.
Bob Meinetz's picture
Bob Meinetz on Feb 22, 2021

Henry, as unbelievable as this is, U.S. military security has relied on insecure, vulnerable Windows NT for decades:

"The Type 45 destroyers now being launched will run Windows for Warships: and that’s not all. The attack submarine Torbay has been retrofitted with Microsoft-based command systems, and as time goes by the rest of the British submarine fleet will get the same treatment, including the Vanguard class (V class). The V boats carry the UK’s nuclear weapons and are armed with Trident ICBMs, tipped with multiple H-bomb warheads."

Windows for Warships

"WHILE MICROSOFT CONTINUES to  trumpet the success of its NT operating system over Unix-based systems, the US Navy is having second thoughts about putting NT at the helm. A system failure on the USS Yorktown last September temporarily paralyzed the cruiser, leaving it stalled in port for the remainder of a weekend.

'For about two-and-a-half hours, the ship was what we call '"dead in the water,"' said Commander John Singley of the Atlantic Fleet Surface Force.'"

Sunk by Windows NT

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »