Blaster may have contributed to BlackOut 2003

Well, we seem to be coming full circle. Everyone was touting that Blaster had nothing to do with the east coast blackout. It was impossible. Well, apparently not.

ComputerWorld reports that although Blaster did not directly attack control systems of the power grid, it may have contributed to the outage. It seems that due to the very nature of the worm's progagation characteristics, the worm delayed critical signalling messages between the power plants long enough to prevent the automatic protections to properly handle the cascading effect of the outage.

It would appear that when the software was designed the threshholds for stress to ensure timeliness was to low. This is where threat modeling really comes into play. In the last year I have spent countless hours evaluating and re-evaluating better ways to do threat modeling both individually and through groups. I found STRIDE threat modeling the most effective way to have the modeling, and can see how... if they would have used it here, they would have immediately seen the weaknesses they were exposed to. If they had an issue needing timeliness of information, mechanisms should have been provided to better guarantee that the signals got through.

How? Well, I have no clue how they created their communication channels. But off the top of my head they could have used dedicated lines for such information. To expensive? Ok. bandwidth throttling with quality of service (QoS) to ensure that such information took precendence. I can't guess what is the right solution, I wasn't there. But its apparent the software engineers didn't account for it either.

I have a phrase I love to say now adays. I don't know where I picked it up, but its bang on in these situations. You cannot build secure systems unless you know the threats to which you are susceptible.

Amen.