Posted on 10/19/2011 3:35:47 AM PDT by edpc
Washington, Oct. 19 (ANI): Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks.
The Trojan, dubbed "Duqu" by the security firm Symantec, appears, based on its code, to have been written by the same authors as the Stuxnet worm, which last July was used to cripple an Iranian nuclear-fuel processing plant, Fox News reports.
(Excerpt) Read more at in.news.yahoo.com ...
I work in telecom - and I have warned of security vulnerabilities for years. But, usually the "suits" won't listen.
Supervisory Control And Data Acquisition [SCADA] provides for remote data sensing and also remote supervisory control.
While the actual data sensing can be sent over public networks, such as the Internet, supervisory control should be sent over dedicated private networks [as an example: corporate T-1 lines] or thru the Public Switched Telephone Network [PSTN].
The T-1 lines [and the like] are absolutely secure [as long as no one physically taps into them]; use of the public telephone network requires the use of a dial-back modem.
When using a dial-back modem, the remote user uses a computer terminal to call the station where the equipment is located. The dial-back modem at the station receives the call and hangs up. The dial-back modem then calls the pre-programmed telephone number back to the remote computer terminal.
Once the connection is established, a username and password are required by the dial-back modem for authentication. The connection is then allowed to be connected to the server located at the site. Again, a username and password are required.
Once this is accomplished, the remote user has full control of the equipment at the site. Usually, the format is via Command Line Interface [CLI] - which uses simple text commands in order to control the equipment.
This method is EXTREMELY secure, albeit slow when compared to using the Internet. It also costs the price of a telephone line from EACH site to the PSTN and also a telephone line to the remote computer terminal at the Control Center. In addition, there is the one-time cost of the dial-back modem for each site.
The "suits" generally do not like this because of the cost involved. Let's say you have 100 sites. If the dial-back modems cost $50 apiece, the one-time cost is $5000. And if the telephone lines cost $20 per month, the monthly recurring cost is $2020 [including the telephone line at the Control Center] - or $24240 per year.
It is also much slower than using high-speed public Internet access. But, the security it gives vs. the time difference involved supersedes using the public Internet.
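Added example (not part of the original post or thread): a small Python model of the dial-back sequence described in the post above, showing that a caller on any other line never gets a session even with valid credentials, because the modem only dials its pre-programmed number. The phone numbers, account names and passwords are constructed, and comparing the caller's number with the callback number is an assumption standing in for "the caller is physically on the line that gets called back".

```python
import hmac
from dataclasses import dataclass, field


def _match(accounts, login):
    """Constant-time check of a (username, password) pair against a table."""
    user, password = login
    expected = accounts.get(user)
    return expected is not None and hmac.compare_digest(expected.encode(), password.encode())


@dataclass
class DialBackModem:
    callback_number: str   # the one number the modem is programmed to dial
    modem_accounts: dict   # credentials checked by the modem itself
    server_accounts: dict  # credentials checked by the site server
    events: list = field(default_factory=list)

    def incoming_call(self, caller_number, modem_login, server_login):
        """Run one session attempt and return its final state."""
        # Step 1: answer and hang up. Nothing the caller sent is trusted.
        self.events.append(f"call from {caller_number}: hang up")
        # Step 2: dial the pre-programmed number, never the number that called.
        self.events.append(f"dial back {self.callback_number}")
        if caller_number != self.callback_number:
            # The return call rings the control center, not this caller.
            return "no-session: callback went elsewhere"
        # Step 3: login at the modem.
        if not _match(self.modem_accounts, modem_login):
            return "rejected: modem login"
        # Step 4: login at the site server; only then is the CLI reachable.
        if not _match(self.server_accounts, server_login):
            return "rejected: server login"
        return "cli-session"


# Constructed sample values; none of them come from the post.
CONTROL_CENTER = "555-0100"
SITE = DialBackModem(CONTROL_CENTER, {"operator": "modem-pw"}, {"operator": "server-pw"})


def demo():
    good = (("operator", "modem-pw"), ("operator", "server-pw"))
    return {
        "control_center": SITE.incoming_call(CONTROL_CENTER, *good),
        "other_line_valid_creds": SITE.incoming_call("555-0199", *good),
        "control_center_bad_pw": SITE.incoming_call(CONTROL_CENTER, ("operator", "x"), good[1]),
    }


if __name__ == "__main__":
    print(demo())
```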
Gratuitous ignorant Windows-bashing aside, Stuxnet is a worm - the vulnerability is in the application, not the OS, so it doesn’t really matter what OS it’s running on.
Stuxnet was designed to specifically target the intricacies of an Iranian power plant based on the intelligence community’s understanding of their operating parameters. Also, given the fact that any operating system can be infected much the same way our drone fleet was compromised (through human error), you simply cannot stand by your assessment that Windows is the root cause.
Properly implemented, Windows environments are stable. It’s the applications installed on those operating systems that can cause the problems. I’ve been in data center engineering and systems analysis for 15 years, and I can attest that our Windows infrastructure (DNS, DHCP, AD, Exchange, etc.) is among the most stable in our environment.
FWIW, I’m a Linux engineer by trade, so going so far as to say that I am ignorant to this discussion is a stretch. And as a correction, worms are built to specific kernels. Trying to infect a Linux or Mac machine with a Windows worm won’t work, and the converse is also true.
Sorry for the misunderstanding.
I thought it seemed a little out of place, but I wanted to make sure. I’m always up for good conversation, but I always like to reinforce my position.
No problem. I’m an AD/Exchange admin so we could probably have a pretty good conversation, but duty calls and I have some PowerShell script that needs written.
I'll bet you're right...
God bless ya, there! I got out of the Windows/AD/Exchange world for infrastructure. Much happier with hardware, personally.
If the motor isn't properly protected w/ a phase monitor it's killed, permanently.
Single phase issues also fry just about everything. Go put a ballast on single phase and see what happens.
That would only affect 208 or 480 ballasts. The vast majority are 120 or 277. Are there even 480 ballasts?