I (Gary McGraw) recently had the pleasure of giving a keynote at the NRECA annual conference in Atlanta. The conference brings together senior management and Board members from rural electric cooperatives throughout the country. Some coops are large in terms of the number of subscribers, and some are large in terms of geographic area covered (those numbers often run opposite to each other). My job as keynoter was to introduce some thinking about computer security to business people who operate power grids for a living. This is a big challenge for a geek like me.
Of course I ended up touching on software security, especially the fact that power meters for the “smart grid” are little IP-enabled computers hung on the outside of your house. Given known attacks against this new breed of meters, the question is how many rooted smart grid meters in a botnet could cause a really serious problem?