SCADA vs. the hackers [Can freebie software and a can of Pringles bring down the U.S. power grid?]

http://www.memagazine.org/backissues/dec02/features/scadavs/scadavs.html ^ | Alan S. Brown

[StatesEnemy]

As far as we know, no one has ever deliberately hacked into the U.S. electrical grid and pulled the plug on millions or even thousands of people. Just as on Sept. 10, 2001, no one had ever deliberately crashed a jet airliner into a skyscraper.

Is the power grid vulnerable to cyberattack? What about natural gas pipelines, nuclear plants, and water systems? Or refineries and other industrial facilities that run on similar Internet-enabled digital control systems? Could a terrorist or disgruntled employee cause lethal accidents and millions of dollars of damage? What about a bored 14-year-old?

"Are we vulnerable?" asked Joseph Weiss, executive consultant for KEMA Consulting, which is based in Fairfax, Va. "Of course, we are. We designed ourselves that way."

None of the industrial control systems used to monitor and operate the nation's utilities and factories were designed with security in mind. Moreover, their very nature makes them difficult to secure. Linking them to networks and the public Internet only makes them harder to protect.

Wireless Intrusion

Paul Blomgren, manager of sales engineering at cyber- security firm Rainbow Mykotronx in Torrance, Calif., measures control system vulnerabilities. Last year, his company assessed a large southwestern utility that serves about four million customers.

"Our people drove to a remote substation," he recalled. "Without leaving their vehicle, they noticed a wireless network antenna. They plugged in their wireless LAN cards, fired up their notebook computers, and connected to the system within five minutes because it wasn't using passwords.

"Within 10 minutes, they had mapped every piece of equipment in the facility," Blomgren said. "Within 15 minutes, they mapped every piece of equipment in the operational control network. Within 20 minutes, they were talking to the business network and had pulled off several business reports. They never even left the vehicle."

Blomgren, of course, is a professional with a professional's tools. But Eric Byres, research manager at the Internet Engineering Laboratory of the British Columbia Institute of Technology in Burnaby, maintains that any hacker could achieve similar results—with free software off the Internet and a can of Pringles.

Wireless systems are especially vulnerable to attack, Byres said. He cited as an example a petrochemical plant that he just finished assessing. "They had an overflow pond that wound around the plant site and wanted to put sensors on it, but they were worried that if they ran fiber, someone might dig it up," he said. "So they put in a wireless system."

Because the wireless system was part of the plant network, information technology engineers assumed the firewall would protect it from unauthorized access. That was not the case. Because they thought they were secure, they never even turned on the wireless transmitters' security features. Byres said that many information technology, or IT, professionals don't even know these options exist.

[StatesEnemy]

Our government is failing to protect us.

[Fifth Business]

Be sure to remove the contents of the Pringles can first.

[smoothsailing]

Pringles?

Nah it's those Cheese Doodles.

You should start paying more attention.

Ask for a cookie.

[StatesEnemy]

Well, only if you want the data un-enchipted

[shadowman99]

This is really irresponsible... now we're supposed to fear wifi? Because somebody MIGHT do something bad?

The world is full of useful tools that can be used to do bad things.Even a hammer or screewdrive is dangerous in the wrong hands.

Someone forgot to put on his tin foil hat.

[GOP_1900AD]

I would defintely not discount this at this point. We've now heard a number of bogus suspected root causes and all of them have been shot down. The fact that we still apparently cannot trace the point of origin suggests strongly that a multipoint failure may have occured. Now, what would be capable of causing a multipoint failure?

[Orangedog]

The problem isn't the 14 year olds who cobble together a YAGI out of a pringles can and some nuts and bolts. It's the dumb-ass admins who won't even bother to turn on the security features in their hardware or setting permissions in their networks and software. Terrorists like to blow things up, not dig around in a petrochemicals payroll system.

[Fifth Business]

Well, only if you want the data un-enchipted

Ouch! Good one!

[Paul C. Jesup]

The socialist at SCADA is doing enough of a job at turning the country in a tyranny all by themselves.

[Asclepius]

Our government is failing to protect us.

Or our failed protectors govern us not wisely but too well.

We need to protect ourselves.

... from ourselves, mostly.

[Paul C. Jesup]

The socialists at SCADA is doing enough of a job at turning the country in a tyranny all by themselves.

[StatesEnemy]

This is really irresponsible... now we're supposed to fear wifi?

No... we should be aware of the vulnerability of allowing sensitive systems to be broadcasting unsecured on WiFi.

Surely this is common sense - not hyperbolic hand-wringing.

[Fifth Business]

This is really irresponsible... now we're supposed to fear wifi? Because somebody MIGHT do something bad?

I don't think it is irresponsible. WAPs are proliferating and extremely tempting to hackers. They are instant access to an internal network with no firewall protection. Furthermore, they are often installed by ordinary computer users with no encryption, creating a major security risk.

[Asclepius]

Terrorists like to blow things up, not dig around in a petrochemicals payroll system.

Students of Chairman Mao's notion of the soft strike (to degrade as opposed to destroying hostile systems), an interpretation of passages from Sun Tzu, excepted.

[StatesEnemy]

Glad you could appreciate...

Humor is the only proof of sanity these days.

[TheFrog]

Re: “None of the industrial control systems used to monitor and operate the nation's utilities and factories were designed with security in mind. Moreover, their very nature makes them difficult to secure. Linking them to networks and the public Internet only makes them harder to protect. “ None? Pure B.S. we do not connect our IT network to plant control systems period. No connections make it damn hard for a virus or hacker to access. I guess the fact that plant control computers are kept it locked rooms with discrete terminal access, and limiting what functions can be performed from what terminals doesn’t count as security.

[smoothsailing]

Is SCADA one of them "what is is" places?

Honestly, I do not know.

[StatesEnemy]

Here's another little tidbit for the digestive tract.

[blondee123]

Our government is failing to protect us.

B.S., obviously the author of this piece of crap has not done his research, or has no contacts to get correct information. Yes, most large companies, utilities included are on the internet, but NOT the computers that run their vital systems!! SHEESH!

[shadowman99]

Try this on for size:

Gun-grabbers use this kind of fear, uncertainty and doubt to pass bad laws that restrict your freedom to defend yourself.

Guns do not kill people. People kill people, the gun is the tool.

This article describes common network administration and system diagnostic tools, installed on a portable system. Tools. In this case they may be abused.

Then again perhaps not... "War driving" is a practice of mapping wireless access points There are benign reasons one might do this, just like there could be malicious.

In some cities there are grass roots efforts to esablish free and legal internet over 802.11. To connect, you just need to find the nearest access point. You might use a setup descibed above to get connected. These people even use the pringles can trick. And national security is not at risk. Just communication monopolies.

Remember kids: computers don't hack computers. People hack computers.