The First Cyber Battle Of The Internet Of Things Era May Have Just Happened

Forbes ^ | January 5th, 2016 | Kalev Leetaru

[Travis McGee]

Just two months ago I wrote about how the Internet of Things will fundamentally reshape the future of cyber warfare, evolving the cyber threat from simple website defacements, denial of service attacks, and data breaches, to affecting the physical world. Two weeks ago an hours-long power outage in Ukraine may have offered a preview of this new world as hackers were claimed to have disabled a portion of the nation's power grid.

On the evening of December 23rd, power was lost across multiple cities in Ivano-Frankivs'ka oblast in Western Ukraine, leaving nearly half the region in the dark for almost six hours. While it has not yet been proven that a cyber attack was responsible for the outage, key related malware was found on the computer systems of the affected power company. More troubling, the malware in question not only had the capability to create a remote backdoor that would have allowed power to be cut off, but also included tools designed to permanently delete files and disable the hard drives of the industrial control computer systems.

Just last year was the first confirmed case of physical damage to a non-military target being caused by a cyber attack, when a German steel mill was "massively" damaged. The US Government is among many racing to develop offensive "lethal" cyber weapons designed to "trigger a nuclear plant meltdown; open a dam above a populated area, causing destruction; or disable air traffic control services, resulting in airplane crashes."

[Travis McGee]

My comment after the Forbes piece: "People in modern societies should count as a blessing every day with electricity and running water. The next great war won't be fought with missiles or jet bombers, which carry a "return address," but with cyber attacks. An enemy doesn't need to drop a bomb on a city, just cut off its electricity for days or weeks, and the city will blow up on its own. MAD, "mutual assured destruction," kept the peace during the Cold War. Not so today, where the origin of an attack can be disguised or misdirected to an innocent 3rd party. Read my short story "Alas, Brave New Babylon" (google it, it's gratis) to see just how grim a future without electricity will be. History is not like an elevator in a building, where if you drop from the 21st Century you can push the button and get off at the 19th. A collapse triggered by widespread grid attacks could lead to a complete collapse of civilization."

[Travis McGee]

Count every day from now on with electricity and running water as a blessing.

Future War means grid down. Then what?

[Travis McGee]

“Alas, Brave New Babylon” new fiction by Matt Bracken

http://www.freerepublic.com/focus/bloggers/3058882/posts

[bert]

and then there is grocery supply

[pgkdan]

A friend and I were discussing the implications of the next big war for us, living comfortably in America. My point was that in WW2 we spent a lot of time, treasure and blood attacking German infrastructure. Bombing factories and electricity plants won’t be necessary the next time around. Hackers can do more damage than bombs. It’s a brave new world.

[Former Proud Canadian]

"Future War means grid down. Then what?"

Then what? Millions die within weeks. But you knew that.

[Travis McGee]

(Link to the full-length Free Republic thread)

[Pollster1]

I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.
- Albert Einstein

[Blue Collar Christian]

Perhaps I’m just too ignorant and so I question the logic of public utilities having their computers connected to the internet.

[CodeToad]

People say immigration is a good thing...but not if you let just any American hating idiot in.

[Grampa Dave]

Ping!

Thanks.

[Mycroft Holmes]

My last paying job was doing automation for a photo-voltaic solar company. The line was 3K feet long mostly Chemical Vapor Deposition chambers producing amorphous silicon cells on glass. Low cost but low efficiency. Lots of pyrolytic poison gas used in production. Good times...

Not really something you would want to hook up to the Internet. The local controllers, one for each chamber, were the Rockwell Automation devices running their proprietary software; basically PCs running ladder logic. LL dominates in this realm because it is easy for someone who didn't write the code to understand and modify.

At a higher level we used WonderWare to communicate between controllers and run the line as a whole. This is graphical data flow software which turns the bits into pictures of stuff that change with conditions representing the state of the line. It was pretty cool.

Management wanted to be able to sit at home and monitor the line. To do this safely I installed a bit of software on a machine between the line and the Internet called a Historian. This is essentially a very rigid firewall which records activity from the line side and allows access to that historical data from the Internet side. You can't push commands through it under any circumstances.

The downside is that everything at its heart is PCs and Windows XP with all of the associated vulnerabilities. Anything broken that is known is fixed; but you know how that goes in the real world.

	Freedom ≠ Free Stuff☭
	I, for one, welcome our new Cybernetic Overlords /.
Mash Dobbshead® for HTML, bop Hello_Cthlhu for XAMPP

[MarchonDC09122009]

Good question.
I’ll try answering and recommend reading about the challenges of protecting Industrial Control Systems - SCALA

It would be ideal if ICS SCADA systems could be fully isolated (air-gapped) from the public internet.
However, ICS servers and periperhal components need remote access by manufacturers and service vendors in order to monitor events, manage and update software and firmware.
An outside facing interface and service account is vulnerable to attack that exploits weak identity access management security. The same can be said for the weak security found on some wireless connected pump, valve and sensor components. Old legacy components that were designed years ago did not have robust IAM security and are specialized, and very costly to replace (downtime).

A multi-billion dollar power engineering firm I nearly went to work for LAST YEAR, confided that they had yet started to conduct IT Security audits on the dozens of international power plants they manage.

2015 ICS Cyber Security Conference

www.icscybersecurityconference.com Proxy Highlight

The ICS Cyber Security Conference is the event where ICS users, vendors, system ... including protection for SCADA systems, plant control systems, engineering ... Grid: Analyzing what Hackers do when they have access to the “ Power Grid ...
Cybersecurity Myths on Power Control Systems - Department of ...

www.cse.psu.edu/~sem284/cse598e-f11/papers/pietre-cam... Proxy Highlight

Davis–Besse nuclear power plant contaminated by the Slammer worm in 2003 [7 ] is a ... particularly aware of ICS cybersecurity risks. The first widely reported ...
Cybersecurity in the power sector - Power Engineering International

www.powerengineeringint.com/ articles/ p... Proxy Highlight

Oct 14, 2014 ... “Big power plants and big energy producers are under heavy and severe ... According to Symantec, many SCADA and ICS systems sit outside ...
SCADAhacker: Cyber Security for Critical Infrastructure Protection

https://www.scadahacker.com/ Proxy Highlight

An important aspect of cyber security for critical infrastructure protection ... food factories to gas pipelines, power plants, and chemical facilities—even our cars. ... The OSVDB database currently tracks a total of 1069 ICS vulnerabilities, with 98 ...
power plant cyber security | Industrial Control Cyber Security Europe ...

https://industrialcontrolsecurityeurope.com/ tag/ ... Proxy Highlight

Jul 15, 2015 ... The Cyber Senate has arranged a strategic alliance with The Industrial Control System Information Sharing and Analysis Center (ICS-ISAC), ...
Cyber Security Design Methodology for Nuclear Power Control ...

www.automation.com/pdf_articles/Cyber_Security_Design... Proxy Highlight

A complete Nuclear Power ICS cyber security life cycle program is ... Essentially, the purpose of I&C systems at a Nuclear Power Plant (NPP) is to enable and.

[Travis McGee]

Yes, indeed. And it’s far more likely to happen, because unlike missile tracks, a cyber attack’s origins can be disguised.

[Joe Brower]

Yo’, Trav. Speaking for myself, the biggest problem I will have is dealing with all my neighbors who’ll be knocking on my front door, asking I provide them with the things they didn’t think ahead for.

[Buckeye McFrog]

I notice that all of a sudden the big buzz about smart meters has suddenly gone quiet. No doubt this is why.

[mac_truck]

Who says they’ll ask?

[Darksheare]

Seems to me a certain person assured us this was unpossible.

[Blue Collar Christian]

If they already know you prepared, get them started and in on it, especially security.

[Blue Collar Christian]

“An outside facing interface and service account is vulnerable to attack that exploits weak identity access management security. The same can be said for the weak security found on some wireless connected pump, valve and sensor components. Old legacy components that were designed years ago did not have robust IAM security and are specialized, and very costly to replace (downtime).”

Thank you MarchonDC#s. I’m still significantly ignorant to not believe their own secured cyberspace could exist outside of the internet you and I have access to. I’ll try to learn more, and thanks again for the very thorough reply.