X

MSBlast and the Northeast power outage

The computer virus hindered response, acknowledges the Department of Homeland Security's top cybersecurity official.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
Robert Lemos

Any journalist will tell you, words matter.

So when Andy Purdy, the acting director of the National Cyber Security Division at the Department of Homeland Security, stated in an interview on Tuesday that the investigation of the Northeast Power Outage found "no malicious cyber component," it was time to pick apart the phrase.

The report on the outage and its causes used similar wording, which has caused many to infer that the MSBlast worm, also known as the Blaster worm, did not worsen the events of August 2003.

I pointed out to Purdy that the statement only indicates that no cyber attack specifically targeted the power infrastructure to cause the outage and that a careful reading of the report and other sources indicate that MSBlast crippled key detection systems and delayed response during a critical time. The conclusion is that the MSBlast worm significantly worsened the effect of the outage.

Purdy's response: "I don't disagree--except for a word or two--with what you said." He would not elaborate.