Academic Paper in China Sets Off Alarms in U.S.  

The New York Times has an article on a Chinese student who has written a paper on US power grid vulnerabilities - Academic Paper in China Sets Off Alarms in U.S..

It came as a surprise this month to Wang Jianwei, a graduate engineering student in Liaoning, China, that he had been described as a potential cyberwarrior before the United States Congress.

Larry M. Wortzel, a military strategist and China specialist, told the House Foreign Affairs Committee on March 10 that it should be concerned because “Chinese researchers at the Institute of Systems Engineering of Dalian University of Technology published a paper on how to attack a small U.S. power grid sub-network in a way that would cause a cascading failure of the entire U.S.”

When reached by telephone, Mr. Wang said he and his professor had indeed published “Cascade-Based Attack Vulnerability on the U.S. Power Grid” in an international journal called Safety Science last spring. But Mr. Wang said he had simply been trying to find ways to enhance the stability of power grids by exploring potential vulnerabilities.

“We usually say ‘attack’ so you can see what would happen,” he said. “My emphasis is on how you can protect this. My goal is to find a solution to make the network safer and better protected.” And independent American scientists who read his paper said it was true: Mr. Wang’s work was a conventional technical exercise that in no way could be used to take down a power grid.

The difference between Mr. Wang’s explanation and Mr. Wortzel’s conclusion is of more than academic interest. It shows that in an atmosphere already charged with hostility between the United States and China over cybersecurity issues, including large-scale attacks on computer networks, even a misunderstanding has the potential to escalate tension and set off an overreaction.

“Already people are interpreting this as demonstrating some kind of interest that China would have in disrupting the U.S. power grid,” said Nart Villeneuve, a researcher with the SecDev Group, an Ottawa-based cybersecurity research and consulting group. “Once you start interpreting every move that a country makes as hostile, it builds paranoia into the system.”

This is old hat in the computer security community, but I thought many of the readers of this blog might appreciate it. The really cool part starts at about 1:20 where they show video of an official government experiment in which they physically destroyed a 27 ton diesel generator just by hacking the network control interface.

Hacking and physically damaging a material fraction of the power grid would, I think, be pretty much the end of civilized life in the target country for a long time. It's not easy to do - it requires a lot of specialized knowledge and skills - but it almost certainly is possible and there are specialized offensive cyber-attack units in various countries that are tasked with knowing how to do this kind of stuff (there have been persistent rumors that the Chinese were involved in the North East power grid outage of 2003, but it's never been confirmed and might well be speculation).