PDA

View Full Version : For you IT types : New threat: Hackers look to take over power plants


Story
August 04, 2010, 07:48
WASHINGTON Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems.

Cyber criminals have long tried, at times successfully, to break into vital networks and power systems. But last month, experts for the first time discovered a malicious computer code called a worm specifically created to take over systems that control the inner workings of industrial plants.

In response to the growing threat, the Department of Homeland Security has begun building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.

http://www.google.com/hostednews/ap/article/ALeqM5h7lX0JoE1AGngQoEfWWmCM6THizQD9HC86L80

martin35
August 04, 2010, 13:30
Shouldn't this program be farmed out to somebody who knows what they are doing?
Like the THANKYOUVERYMUCHFORCALLINGINDIANSINBOMBAY,,, who probably invented the virus to begin with as a economic stimulas.
To paraphrase Hillary "my mind turns to curry when I hear that?.

Davewusaf
August 04, 2010, 20:38
This is not even possible at most, if not all plants in the US. NERC and FERC govern the control systems at the plants. The plant I work at has no outside lines tying the control systems to any outside lines (ie, internet) We do not even allow wireless acess to our system. There are only a few terminals available to make any changes.

Daveusaf

martin35
August 04, 2010, 22:39
Insulated and isolated monitoring and control systems with limited authorized log-on seems a secure way to insure maximum security, communications are another category again insulation of internal and incoming communications can afford some security to repeat Davewusaf's post.
Power stations could possibly be most vulnerable to those anti electromagnetic devices that I know nothing about

Bama Steve
August 04, 2010, 22:47
http://www.modbus.org/faq.php

Just one of many protocols . . .

The Navajo had a saying that no-one could understand outside of their culture and it still exists today.

Can we still learn?

:rofl:

:wink:

martin35
August 04, 2010, 23:13
I'm far from being a expert on Modbus but it would seem any Internet transmission could be subject to unwanted alterations, how discrete can a commercially available system be? The security monitoring would have to be 24/7/365 without interruption,, I'm not sure we have that at our highest national security levels.
The old Navajo traditionalist had a great reverence and fear of ghosts.

Bama Steve
August 05, 2010, 00:24
Originally posted by martin35
I'm far from being a expert on Modbus but it would seem any Internet transmission could be subject to unwanted alterations, how discrete can a commercially available system be? The security monitoring would have to be 24/7/365 without interruption,, I'm not sure we have that at our highest national security levels.
The old Navajo traditionalist had a great reverence and fear of ghosts.

The IP layer is just the entrance - you gotta "speak" the native language if you want to talk to the locals in charge of switchgear and equipment level controls. IP packets contain instructions to the lower (native) level controllers - few hackers have that talent and those lower level protocols do not afford the same level of tamper-ability as do the the transport protocols so I have to call BS on this threat unless the grid controllers have become so lax (unimaginable) as to let their guard-down.

Ghosts are a part of the past and future - they come in all forms . . . but they do exist depending upon your perspective.

Best!

Sir!

/O

L Haney
August 05, 2010, 05:18
Our control nodes are segmented by hardware firewalls, the accessing computer has to be known and pre-registered at the mac level by another system behind the firewall, the controllers aren't MODBUS, they're a different protocol entirely. Hell, it's hard for us to talk to the damn things.

martin35
August 05, 2010, 05:45
In my opinion most hackers are of malevolent intent , they would surreptitiously kill their old neighbor ladies cat to make her suffer if possible, hacking to control the amount of power being supplied to Glut Idaho is not their objective , destructive power and chaos is.
A disruptive virus that can be installed from a semi-public outside source is a distinct possibility for a indiscrete and non-isolated system, a demented mind can also have some genius.