31 comment(s) - last by macthemechanic.. on Aug 7 at 1:40 AM

Data is no longer the only target of cybercriminals

As the most popular operating system in use around the globe, Microsoft Windows is also the most targeted OS for cyber criminals looking to steal data and exploit systems. In the past when hackers attacked a system, they were often looking to steal or change data to suit their needs.

However, cyber attacks and malicious code are now being designed to actually take over systems that perform functions in major companies, including critical systems in the financial and power industries. Many of these attacks are executed by taking advantage of security holes in the Windows operating system.

The U.S. government has created a team of security experts to help industrial firms prepare for a new onslaught of hackers who are bent on taking over the physical systems of power plants and other industry hardware. The U.S. government is creating a team to help private companies because as much as 85% of the critical infrastructure for power and other utilities is owned by private firms.

The Canadian Press reports that many attacks have occurred overseas where hackers were trying to take over physical systems rather than steal data. Hackers are increasingly targeting power plants, and recent attacks have officials in America concerned.

"People are recognizing that the ability to impact industrial control systems has increased," said Sean McGurk, director of control systems security for DHS. "This type of malicious code and others we've seen recently are actually attacking the physical components, the devices that open doors, close doors, build cars and open gates. They're not just going after the ones and zeros (of a computer code); they're going after the devices that actually produce or conduct physical processes."

One of the latest computer worms that could take over physical systems is the Stuxnet worm. The worm can potentially infect computer systems because networks and operating systems in many power plants are very old and haven't been patched with new security fixes. The networks are also often not firewalled from access by high-traffic networks and at times are not separated from the internet.

The DHS has been deploying its teams of security experts around the country to assess weaknesses in systems. These teams are also called in to help companies identify and fix networks and computers after cyber attacks. So far the security teams have been dispatched to provide assistance 13 times; in nine of the instances the attacks were deliberate, and four were an unintended result of an operator's action.



Comments

So much for security
By spread on 8/4/2010 10:22:42 AM , Rating: 5
Why are these systems even connected to the internet?

I'm sure workers and management can watch their LOLcat videos on computers OTHER than critical systems at a power plant.




RE: So much for security
By Wiggy Mcshades on 8/4/2010 10:33:35 AM , Rating: 1
They are connected to a network that is connected to the internet. They have to be connected to the network because most of the computers that control any kind of industrial system have no direct user interface and are usually interfaced through another computer. They then must be connected to the internet so they can send out information about the status of certain systems. It'd be quite terrible if a system was failing and it had no way of telling anyone unless you were sitting at the console that controls it. With power plants you have even more need; situations where step-down stations are miles away and need to communicate with the systems at the power plant require some sort of network connection.


RE: So much for security
By amanojaku on 8/4/2010 10:43:28 AM , Rating: 5
Before the Internet these machines and power plants worked just fine. Monitoring and control is necessary, but you don't need the Internet for that. There is no reason for a generator to have Internet access, nor the managing stations. A private, physically separate network is the solution. The same company providing Internet access to these locations can also provide the private network between sites. Encryption helps, too.


RE: So much for security
By Iaiken on 8/4/2010 10:53:36 AM , Rating: 2
The problem with that is that it costs money.

Do you really think that if they are already unwilling to shell out to keep the transmission systems up to date that they would really be willing to spend tens of millions to implement a private physical network?

Somebody has to pay for it, and in places that have a system operator, the SO points the finger at the utilities and the utilities point the finger at the line owners and the line owners point at the SO ad infinitum. Taxpayer sentiment is that they shouldn't be paying for it, so who pays?


RE: So much for security
By amanojaku on 8/4/2010 11:14:53 AM , Rating: 2
For you and Wiggy;

It's not expensive at all. The connection from the plant to the ISP is a single fiber. When you get access you receive a MUX that's installed in the building. The MUX is usually used to convert your router's link from whatever you purchased (DS-3, OC-3, etc...) to the provider's uplink, which is usually an OC-12 or faster. The provider already paid for the fiber, and the provider has at least one huge MUX in its location, so there's no change in cost for the provider.

A MUX is a wonderful device in that it can take several lower-speed links and group them onto a faster link. These days that's usually accomplished by giving each low-speed link a unique wavelength of light, and each link can support 40 wavelengths at 40Gbits/sec. So the Internet access would be on one router path that maps to one wavelength, and the private network would be on another router path mapped to another wavelength.

Once the wavelengths hit the provider's MUX they would be split to hit different provider infrastructures: the Internet routers on one side, and the VPN routers on another. All providers support this, but you pay extra money because you don't know this is available. As a former ISP engineer and client I always get this setup, and cheap, too. You just need to use the same provider throughout the country, which is possible if you use Verizon, Level3, etc...


RE: So much for security
By Iaiken on 8/4/2010 12:24:33 PM , Rating: 3
The problem is that you have thousands of separately owned utilities, systems operators and transmission controllers.

If you can figure out a good way to get them all on board for that, you go right on ahead. I'll applaud you loudly and proudly, but there is a reason that the phrase "moving at the speed of government" exists.


RE: So much for security
By Jaybus on 8/4/2010 1:36:33 PM , Rating: 2
Of course different stations have to communicate somehow, and the Internet is the least expensive (and probably most robust) way. But do they really have to run Windows, the (by far) most targeted OS???


RE: So much for security
By JediJeb on 8/4/2010 1:52:46 PM , Rating: 4
This is the point exactly. This type of communications could make use of some stripped down proprietary OS that could only communicate to computers running it and nothing else.

Imagine if you ran a network running an Atari or TI 8 bit operating system today and a hacker running Linux or Windows was trying to hack in. I imagine it would be a pain to do and get everything to talk. Better yet use the operating system I had on some equipment back in the early 90s that was 20 bit software. It was on an instrument made by Nicolet. Nothing else in the building could talk to it.

The problem is today we have mission critical (on the verge of being national security critical) systems out there that are not secured in any way, shape or form. The possibility exists to make it very, very secure, but operators and administrators are lazy and cheap and won't do it.


RE: So much for security
By Wiggy Mcshades on 8/4/2010 12:32:04 PM , Rating: 1
The ISPs let you set up this service free of charge? This seems to be a great fix; even if it's not 100% secure (I know it's not ;P) it's at least better than the current setup, but still any cost increase isn't going to be accepted warmly by anyone.


RE: So much for security
By AntDX316 on 8/4/2010 11:24:29 PM , Rating: 2
It goes like this. A hacker gains access to a nuclear reactor's mainframe. They then cause the nuclear reactor to melt down. A catastrophe occurs. US High Command then instantly orders and oversees the disconnect and update of every nuclear power plant in the US and the world.

It goes like this. No hacker chooses to melt down the reactor. Nuclear reactors get their computers updated. Nothing bad happens.


RE: So much for security
By EricMartello on 8/6/2010 6:21:56 AM , Rating: 2
Dude, these power companies...they don't need to lay cable if they want a private network they just need ETHERNET-OVER-POWER-LINE adapters and they're all set! :D


RE: So much for security
By Wiggy Mcshades on 8/4/10, Rating: 0
RE: So much for security
By JediJeb on 8/4/2010 1:55:47 PM , Rating: 2
What about IP over Powerlines? Couldn't that technology be adapted to connect the different units of the power distribution system on a private network? For a hacker to get into that they would need to be able to interface with the high voltage cables and that would be a second layer of defense I would think.


RE: So much for security
By zmatt on 8/4/2010 10:47:03 AM , Rating: 2
The military uses Siprnet and it isn't directly connected to the internet. They have separate machines for each. There is no reason why there couldn't be something similar implemented. Put bluntly the things such as military communications and infrastructure have no business being connected.


RE: So much for security
By Wiggy Mcshades on 8/4/2010 11:01:09 AM , Rating: 1
I never said they should be connected, only explained why they are. It's cheaper to use a public network and the plants are privately owned, so you know what that means for how they approach costs.


RE: So much for security
By tastyratz on 8/4/2010 10:36:45 AM , Rating: 2
*should*
The problem is just like any other. I am sure the relics they call computers controlling these systems are so simplistic and outdated a scientific calculator would win in a fight.
The security model is outdated because on installation it wasn't a concern. Since when is the government actually known to keep up to date with computer systems?

I remember reading this year that the DMV JUST upgraded from a 20-30 year old mainframe. Can you imagine that?

I think you will be shocked to find the systems in place at our nation's critical centers. This audit should have been done 3 times by now, and legislation should be in place mandating minimum standards for compliance to protect us from budget redirects and oversights.


RE: So much for security
By Iaiken on 8/4/2010 10:48:35 AM , Rating: 5
When I was at the electricity system operator of Ontario, they had just finished virtualizing enough computers to fill a 40m by 80m server room into a single HP rack server connected to another SAN rack and the rest of the network via fiber optic interlink.

It was kind of eerie to be standing in a huge/cold/white room that was empty except for two black obelisks in it.

But yeah, there were times in college where I looked at my TI graphing calculator and thought "I could have won WW2 with this thing."


RE: So much for security
By FITCamaro on 8/4/2010 12:17:55 PM , Rating: 3
Ah so that's where they filmed that IBM commercial.


RE: So much for security
By macthemechanic on 8/7/2010 1:40:27 AM , Rating: 2
They don't need to be. They just need access to the Internet. If they are running any commercial OS, they all directly and with installed software loaded, report information and usage back across the Internet. Also much used for license monitoring. If it's on, and they have access to the Internet, they can be hacked.


Copyright 2014 DailyTech LLC.