November 12, 2009
Sabotaging The System: CBS News, Brazilian Blackouts, and The War for The Internet
Source: CBS News (60 Minutes)
Stop me if you’ve heard this before… There has been a massive blackout in Brazil affecting Rio de Janeiro , Sao Paulo, and parts of Paraguay (BBC, Guardian.co.uk). The blackout is reportedly caused by problems at the Itaipu dam, some say by a storm in the area, others say corporate incompetence is to blame.
Don’t mention that to CBS News, though. They have already decided that “hackers” were the cause. The same “hackers” who caused Brazil to go dark in 2007:
“We know that cyber intruders have probed our electrical grid, and that in other countries cyber attacks have plunged entire cities into darkness,” the president said.
President Obama didn’t say which country had been plunged into darkness, but a half a dozen sources in the military, intelligence, and private security communities have told us the president was referring to Brazil.
Several prominent intelligence sources confirmed that there were a series of cyber attacks in Brazil: one north of Rio de Janeiro in January 2005 that affected three cities and tens of thousands of people, and another, much larger event beginning on Sept. 26, 2007.
That one in the state of Espirito Santo affected more than three million people in dozens of cities over a two-day period, causing major disruptions. In Vitoria, the world’s largest iron ore producer had seven plants knocked offline, costing the company $7 million. It is not clear who did it or what the motive was.
And to back up their claim, CBS News interviews some government-military-intelligence types who say “The US is not ready for a cyber-attack,” or some sound-alike crap, I really wasn’t paying too much attention.
Chicken Little. We’ve heard the stories about multi-million dollar thefts due to hacks, and we do tend to believe them. CBS tries to make the big leap to infrastructure attacks by adding how hackers have penetrated military and government systems by leaving USB thumbdrives lying around for sheeple to find and plug into their systems, infecting them and leaving backdoors open for further intrusions and attacks. It sounds like if such an attack is possible, it was made so by clueless soldiers and wage-slaves.
But are such attacks possible, even by “foreign” government agents? I wouldn’t put it pass them… but then again, I did read The Hacker Crackdown (I have to get a review up here!), and knowing that there’s a war for control of the Internet on, I would have to call shenanigans.
Someone beat me to the phone…
Wired Calls Shenanigans. (Wired) No sooner than CBS News puts the video and transcription up for public review, Wired’s Marcelo Soares knocks the foundation out from under:
Brazilian government officials disputed the report over the weekend, and Raphael Mandarino Jr., director of the Homeland Security Information and Communication Directorate, told the newspaper Folha de S. Paulo that he’s investigated the claims and found no evidence of hacker attacks, adding that Brazil’s electric control systems are not directly connected to the internet.
Uh oh. It looks like Brazil did something right (not connecting directly to the Internet), so CBS’s hacker claim is just some gov-mil-corp scare tactic. But if hackers didn’t cause those blackouts, what did?
The earliest explanation for the blackout came from Furnas (Centrais Elétricas) two days after the Sept. 26, 2007, incident began. The company announced that the outage was caused by deposits of dust and soot from burning fields in the Campos region of Espirito Santo. “The concentration of these residues would have been exacerbated by the lack of rain in the region for eight months,” the company said.
Brazil’s independent systems operator group later confirmed that the failure of a 345-kilovolt line “was provoked by pollution in the chain of insulators due to deposits of soot” (.pdf). And the National Agency for Electric Energy, Brazil’s energy regulatory agency, concluded its own investigation in January 2009 and fined Furnas $3.27 million (.pdf) for failing to maintain the high-voltage insulators on its transmission towers.
(Note: See the original article from Wired for links to the pdf files mentioned above)
Yep, corporate incompetence caused the blackouts. Don’t mention that to CBS News, though. It’ll ruin their image as a corporate propaganda machine.
Comments
November 15, 2009
FrankCastle said:
Hello guys,
I’m from Osasco (city of São Paulo - Brazil). Sorry, but my english it’s not fluently.
In the moment of the Blackout (aka “Apagão” in Brazil), I was playing Street Fighter IV in my Xbox 360 on Xbox Live
Fortunately, the console was plugged in a Nobreak
The lights oscillate, I turned off every equipment. Fortunately, all of them are ok. In that moment I think the blackout was local. But after using my sister’s laptop (with my ADSL modem conected in my nobreak), I just type on Twitter “#Apagao” (Blackout)… and I find many people of various cities and States talking about the occurried!
Many people said: “That Blackout it’s an ARG about the movie ‘2012′ ” (this movie premiere occuried in last Friday in Brazillian Movie Theatres).
Before the nobreak energy finishes, I wrote a blog post about this situation, but with sarcasm:
http://frankcastiglione.wordpress.com/2009/11/10/se-voce-esta-lendo-isso-voce-faz-parte-da-resistencia/
“If you are read this, you’re a part of resistance”
I remember of one character of a TV Show called Jericho (”Robert Hawkins”)
Good post! I always read yours blog post, I track the new posts by RSS Feed (with FeedReader).
That’s the real: “Cyberpunk it’s now” We are living what we watched in the 80’s movies like “Blade Runner” and others cyberpunk movies!
November 16, 2009
Comwedge said:
Awesome Article Roboto!
kabukiman said:
Well, at least the corporates in brazil were honest and admitted it was their fault.
m4teus said:
As said in your post, the mainframe of the generators are not connected to the net.
They are hidreletric generators, that produces electricty using water work at the dams… so that excludes the hypothesis that it may be a powerplant malfunctioning… What could really happened is a problem with the electrical connections between the energy reservoirs at the power plant with the city electrical distributors.
Anyway, even if it were a hacker job, I would desaprove it. They should try to attack an specific company, or something.. not messing up with common people job (and money).
Mateus, from Brasil.
November 21, 2009
Adam Daub said:
INTERNETS?! WHO NEEDS INTERNETS?!!? I hacked into Brazil’s power just after I hacked into my house cat. >
November 28, 2009
0m1kr0n said:
All this ‘cyber war’ stuff is sensationalist garbage being spouted by incompetent security firms and independent contractors who want to boost their profit margins.
Software vulnerabilities and architectural design consistency are complex enough, the scary “hackers” aren’t going to easily break ISP gateways. DNS attacks and botnet ddos are the biggest threats these days, and people who exercise poor password and social policies. These are all being used for profit though, destruction isn’t profitable.
Things like buffer overflows, xss, cgi vulns, and request forgery are hard enough to keep the stupid at bay these days. This sensationalism is left over from when ‘mtv watchers’ could penetrate systems with trivial methods.
I’m glad it’s getting to where only the intelligent can reverse protections and find vulnerabilities too. I’d give it maybe 3 more years of companies losing money before they use better DRM and practise proper policy.