10:17 – A lot of preppers are concerned about a nuclear EMP attack or a repeat of the CME Carrington Event taking down the power grid. I estimate the probability of the former to be < 0.001/year and the latter to be about 0.01/year. Of considerable more concern to me--especially given recent news about Chinese attacks on US computer systems–is the grid being taken down by computer crackers, Chinese or otherwise. I estimate the probability of that occurring as > 0.1/year. If that estimate is correct, the probability is about 0.65 that some sort of serious computer attack on our infrastructure will occur within the next decade.
I am flabbergasted that critical facilities–power grid control, nuclear power plants, pipelines, municipal water treatment plants, and so on–use ordinary general-purpose computers, many of them running MS Windows(!). If that’s not bad enough, what moron decided to allow critical control systems to be connected to the Internet? Those control systems should be secured from physical access, running stripped-down versions of Unix/Linux or another secure OS, with the OS and applications on ROM, no connection to any network, and the USB ports epoxied closed. Apparently, none of that is being done in most critical control systems.