Malware not a factor in Aug. 14 blackout

Share this article:

A report by a U.S.-Canadian task force concluded that malware did not cause or contribute to the Aug. 14 blackout last year.

Human error and equipment deficiencies were behind the outage that affected millions in the Northeast, according to the U.S.-Canada Power System Outage Task Force.

The task force's Security Working Group found no evidence that a cyber attack directly or indirectly caused the blackout, the report states. The report confirms the task force's initial findings released late last year.

While some speculated last year that the Blaster worm may have contributed to the blackout, the group found no "evidence that worms or viruses circulating on the internet at the time of the power outage had an effect on power generation and delivery systems of the companies directly involved in the power outage."

The task force's cyber-security recommendations include: Develop corporate-level IT security governance and strategies; improve IT forensic and diagnostic capabilities; establish clear authority for physical and cyber security; and develop procedures to mitigate in appropriate disclosure of information.

The full report is available at www.ferc.gov.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Report: Stolen card data is crime that concerns Americans most

A recent Gallup Crime poll indicates that Americans' top two worries revolve around having credit card data stolen or their computer or smartphones compromised.

Pirate Bay co-founder found guilty for hacking IT service provider

Gottfrid Svartholm Warg was found guilty of hacking an IT service provider in Denmark. This is his second court case for illegally accessing data.

Assume Drupal 7 sites are compromised, unless patched or updated to 7.32 ...

Assume every Drupal 7 website is compromised, unless patched or updated to Drupal 7.32 within seven hours of the disclosure of a highly critical SQL injection vulnerability.