by perlin 3349 days ago
Crazy conspiracy theory: the Chinese and/or Russians have most likely already compromised our power grid and other infrastructure control systems and are waging covert economical war by disrupting important services.
7 comments

Crazy reality here: SF was caused by a substation fire.

http://sanfrancisco.cbslocal.com/2017/04/21/power-outage-shu...

A substation fire isn't a root cause. What caused the fire?

Possibilities I know of would mostly require failure of safety measures, but would include such things as hapless squirrels & birds, problems elsewhere in the system, and yes even remote operation of substation equipment by humans in dangerous ways. (Including both incompetence and malice, though in the latter case you would have to assume the safety measures didn't fail but were overridden.)

Addendum: I'm not coming out full force in favor of a conspiracy theory, I'm coming out full force in favor of keeping an open mind, not getting overly comfortable in one's beliefs, and remembering one knows a lot less than one thinks one knows.

It'd be pretty easy to trigger a substation fire by feeding lower values into the voltage sensors than how much was actually flowing. Similar to how Stuxnet faked the values it was overriding so that everything seemed normal when in reality the centrifuges were spinning out of control. As another commenter pointed out, it's just keeping an open mind...
Could you explain this further? I'm not sure how inaccurate voltage readings would cause a fire...
I'll take a stab at it. I'm not an electrical engineer but I do have some experience with industrial control systems.

From Wikipedia: "Generally substations are unattended, relying on SCADA for remote supervision and control." These SCADA systems may or may not be connected to the Internet, which could allow an attacker to remotely access and modify the code that controls transformers and other electrical equipment.

In another comment, someone mentioned the power company was, in this case, pumping CO2 into the substation in order to contain smoldering electrical insulation. This means that, most likely, the copper conduit heated up beyond defined tolerances. This could be due to more current being carried than those conduits are rated for. Normally, the SCADA system would be responsible for keeping these currents within tolerances. What I am saying is that they could deliver a payload to the PLCs via the SCADA that could trick the transformers into taking more load than they could handle.

I believe the idea is, you make the monitoring values read too low (lower than the actual voltage in the wires), so the automatic control system adjusts by making the voltage higher. If you can get it to make the real voltage higher than the equipment can safely handle, you may get a fire.
Not likely because of Hanlon's razor: "don't attribute to malice that which can adequately be explained by stupidity".

[1] https://en.wikipedia.org/wiki/Hanlon%27s_razor

This takes precedence: "Once is an accident. Twice is a coincidence. Three times is an enemy action"

https://en.wikipedia.org/wiki/The_Moscow_rules

I think you meant to link to this [1].

[1] https://en.wikipedia.org/wiki/Goldfinger_(novel)

Like with birthday paradox, denominator is important. Considering how many large cities and days there are, this might not be an unusual coincidence.
The rule you quoted is not on the list there.
At best Hanlon's razor is a bet on the odds that most cases are stupidity and not malice (probably true). It doesn't mean there is no malice in the world and only stupidity.
Hanlon's Razor is not an established law of reasoning or of philosophy. Quoting it is not a valid counter argument without additional reasoning given.
That reminds me of this cartoon:

http://i.imgur.com/aI80YDO.jpg

That's why I said "not likely" rather than "impossible". It's just conservative Bayesian prior.

Remember last time nefarious hackers infecting computers at power plants were in the news, that later turned out to be antivirus finding some spam on completely unrelated computer?

It's hard to imagine you really understand Bayesian statistics when you mention what happened the last time as support for your point. It is quite hard to believe that you know with reasonable degree of accuracy the probabilities involved.
Ok I'll bite. Let's back of the envelope the probability.

In the past 17 years I experienced 5 blackouts, so return period is about 1,241 days. Among the cities that were mentioned, San Francisco is the smallest, with population about 865,000. Let's look at all US cities with population above 500,000. There are 34 of those.

The probability of having simultaneous blackout in 3 of 34 cities during 1,241 days is 1-exp(-C(34,3)/1241^2)=0.4%, or about 2% for the same 17 year period.

The above calculation assumes independence, but in reality probability is much higher because independence assumption rarely holds in real life. For example, we already observed multiple large cities in the Northeast having simultaneous blackouts in 2003.

Of course not, it's a colloquial heuristic. Do you disagree with this comment though? https://news.ycombinator.com/item?id=14168483
No. But it does not apply in this case. It may turn out to be coincidence or stupidity but claiming that it is likely to be thus because of Hanlon's Razor is wrong and bad thinking.
This recent USA Today article claims our grid is attacked every three to four days:

https://www.usatoday.com/story/news/2015/03/24/power-grid-ph...

As mentioned in another comment, Ted Koppel's book "Lights Out" is a really fascinating read on the threat.

The biggest part of that economic war would be letting everyone know the grid has been compromised, not the actual outage, there's no advantage to keeping it secret.
I'd argue that taking out the power in three major economic centers at the same time would be the opposite of keeping it secret. But I completely agree with your reasoning.
But the downside to making it public is you'll galvanize the victim nation to start taking computer security more seriously, and your window of opportunity will start to close. It would make sense to try to "boil the frog" and gradually and slowly increase the frequency and severity so that by the time you "find" the threshold that snaps the victim nation out of their slumber, you've gotten away with a lot of damage cumulatively.
There's a benefit to keeping it out of public channels if it's a warning rather than an economic war.
Capability demonstration
Can it be called crazy if exactly that has happened in the recent past? Russia did it to the Ukraine just a few months ago.
It's a valid hypothesis and not crazy at all. If this were random I'd expect totally random cities, not the three most economically significant.

It might not be covert economic warfare, but more of a covert demonstration whose audience is intended to be the US government. "We have lots of dangerous 0-days, and there's a lot more where these came from." In that case public credit would never be claimed.

It reminds me of how GitHub kept getting DDOSed for no reason. Turns out GitHub was a popular demo target for vendors of DDOS botnets to show their power.

Edit: could be exactly that... a demo of wares by a black market vendor of 0-days for a potential buyer.

Edit #1: a non-malicious explanation might be a vendor pushing out a bad software update to something.

"If this were random I'd expect totally random cities, not the three most economically significant."

I would be very surprised if there weren't at least 3 power outages in random cities on a daily basis, you just don't hear about it until it's 3 major cities.

> I would be very surprised if there weren't at least 3 power outages in random cities on a daily basis, you just don't hear about it until it's 3 major cities

I wouldn't even be surprised if it regularly were 3 major cities at about the same time and it's just that statistically someone had to end up taking notice and trying to make sense out of it when it's actually a somehow random† distribution of events, the latest of which happening to be clustered.

But digital warfare seems to somehow look more exciting to many, probably because it's intuitively less frightening than waving nukes at each other's nose, while it may very well impact people's lives for the worst in a very large, non-obvious and pernicious way.

† Some events may be random but aren't independent across because of interconnections and dispatching woes[0]. Managing a power grid or three is a fascinating thing in itself.

[0] https://en.wikipedia.org/wiki/2006_European_blackout

This is along the lines of my thinking... I think before jumping to conclusions, it would be worth digging up some semi-current data on frequencies of outages. Not sure how conveniently/centrally that data is available, however.
That is also possible. I can't find any comprehensive history of blackouts anywhere so it's hard to check probabilities.
Great find.

At a glance it looks like 1-2 dozen per month, so a coincidence is definitely plausible.

Have to wait and see.

You could argue that none of the ones today are weather related. If you remove the weather related outages, it's easier to support the notion of a conspiracy. I don't personally think this is one, but...
> not the three most economically significant

I don't think SF ranks in the top 3, I'm almost certain that Chicago would rank higher in economic significance, and I'd guess that Houston is above SF, probably Boston too.

Despite SF being so popular in the technology space, it's really quite a small city -- only around 800K people, compared to nearly 4M in LA, and 2.5M in Chicago.

EDIT: I found a ranking from 2010 and SF is #9

https://www.theatlantic.com/business/archive/2012/06/america...

New York, LA, Chicago, Wash DC, Houston, Dallas, Philadelphia, Boston, SF

Could be a digital weapons test.
That's a wild theory, but I can't help feeling this way either...