Technology drives just about everything we do, and not just at our jobs. From
banks to hospitals to the systems that keep the juice flowing to our homes, we
are almost entirely dependent on tech. More and more of these systems are
interconnected, and many of them are vulnerable. We see it almost every day.
But what if instead of simply a denial-of-service attack against select
Websites, the entire Internet suddenly stopped working -- or for that matter,
Google could not be reached. What if instead of a mere data breach, our
financial institutions were attacked by a weapon that could instantly neutralize
all electronic transactions? Or if hackers wormed their way into the systems
that control the power grid?
[ Think you're prepared for every IT contingency? Take the InfoWorld
worst-case-scenario quiz to find out. | Every bit of your virtual existence is
being monitored -- get scared accordingly with our Top 10 reasons to be
Heck, what if God decided she'd had enough of us and decided to send a solar
storm our way?
If you think these things can't happen, think again. Some already have occurred
on a smaller scale. But we thought it might be fun to turn up the volume and see
what might happen -- how likely a "tech doomsday" scenario might be, how long it
would take us to recover, and how we might prevent it from coming to be.
What could possibly go wrong? Try these scenarios for starters.
Tech doomsday scenario No. 1: America goes dark
News flash: A coordinated hack attack on our nation's power grid caused massive
blackouts across the United States, leaving more than 300 million people without
electricity for days.
The Supervisory Control and Data Acquisition (SCADA) systems that run U.S. power
plants were built some 40 years ago, when the Internet was just a handful of
university computers connected via 300-baud modems.
"Back then every power grid system in the world was considered its own island,"
says Robert Sills, CEO of RealTime Interactive Systems, which provides security
solutions for industrial control applications. "There wasn't technology
available to connect them. Now there is."
And the downside of all this connectivity is that once a local grid gets
overloaded, others connected to it may tumble like dominoes. That's what
happened in August 2003, when overgrown trees and human error triggered a power
outage at Ohio's FirstEnergy. That failure caused a cascade that ultimately left
55 million people in the United States and Canada without power.
It doesn't take an act of God or Homer Simpson at the controls to cause a
cascading power failure. It could be a rogue employee seeking revenge -- like
the software engineer who hacked into an Australian water treatment plant's
SCADA system in 1991, releasing 264,000 gallons of raw sewage.
Or it could be an external attacker who gains entry into a SCADA system's
maintenance ports via war-dialing, and then uses social-engineering or
spear-phishing attacks to gain entry into the network.
Sills says the vast majority of power substations are vulnerable to such an
attack. From there, the attacker simply needs to change a few settings and let
the grid's automated fail-safe systems do the rest.
"Right now it's a system that's pretty wide open," says Sills. "There are any
number of ways someone could make unauthorized transactions via routine
maintenance. You could create an outage simply by pushing the wrong key."