From ZDNet News:

Although the official interim report from the U.S.-Canada Power System Outage Task Force does not conclusively state that the MSBlast worm contributed to the blackout, there is ample circumstantial evidence that it did.

First, the blackout occurred just three days after the MSBlast attack started. Second, both primary and backup Windows computer systems at FirstEnergy (the Ohio-based utility company where the blackout began) were reported to have crashed just prior to the blackout. Third, FirstEnergy had trouble with the Slammer worm last January. And fourth, evidence suggests FirstEngery’s IT department was slow in general to patch OS vulnerabilities in the past.

BUT DON’T TAKE my word for it. Bruce Schneier, president of the security company Counterpane, doesn’t believe the interim report either. In addition, SecurityFocus columnist Kevin Poulsen first suggested the link not long after the blackout. And antivirus researcher Mikko Hypponen, manager of F-Secure Antivirus research, states in the December 2003 issue of Vanity Fair that while MSBlast didn’t cause the blackout, the blackout wouldn’t have happened without MSBlast.

Voice of Capitalism

Capitalism news delivered every Monday to your email inbox.

You have Successfully Subscribed!

Pin It on Pinterest