Author Topic: Cyber attack in the US  (Read 3665 times)

Offline BMG

  • Established Member
  • ***
  • Posts: 1320
Cyber attack in the US
« on: November 18, 2011, 01:40:20 PM »
http://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html

http://www.breitbart.com/article.php?id=CNG.bb560ae65a071dc80a1c88fdc371ec35.d51&show_article=1

Quote
Foreign hackers broke into a water plant control system in Illinois last week and damaged a water pump in what may be the first reported case of a malicious cyber attack on a critical computer system in the United States, according to an industry expert.

Quote
“This is a big deal,” said Weiss. “It was tracked to Russia. It has been in the system for at least two to three months. It has caused damage. We don’t know how many other utilities are currently compromised.”
« Last Edit: November 18, 2011, 10:51:34 PM by BMG »
“The Constitution is not an instrument for the government to restrain the people, it is an instrument for the people to restrain the government.” 
- Patrick Henry

"The more corrupt the state, the more it legislates."
- Tacitus

Online Libertas

  • Conservative Superhero
  • *****
  • Posts: 63650
  • Alea iacta est! Libertatem aut mori!
Re: Cyber attack in the US
« Reply #1 on: November 18, 2011, 02:10:52 PM »
Link bombs on me.   ::gaah::

No mention of who the intruder may be?
We are now where The Founders were when they faced despotism.

Online Pandora

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 19529
  • I iz also makin a list. U on it pal.
Re: Cyber attack in the US
« Reply #2 on: November 18, 2011, 03:52:25 PM »
This is the rare occasion when the link actually worked for me.   :supercool:

Quote
... a technician determined the system had been remotely hacked into from a computer located in Russia, said Joe Weiss, an industry security expert who obtained a copy of an Illinois state fusion center report describing the incident.

“This is a big deal,” said Weiss. The report stated it is unknown how many other systems might be affected.

The Department of Homeland Security confirmed that a water plant in Springfield, Ill. had been damaged, but spokesman Peter Boogaard said officials had not yet determined that the water pump failure was caused by a cyber-attack. “DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield, Illinois. At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,” he said.

Dave Marcus, director of security research for McAfee Labs, said that the computers that control critical systems in the United States are vulnerable to attacks that come through the Internet, and few operators of these systems know how to detect them. “So many are ill-prepared for cyber attacks,” Marcus said.

Problems with the system in Springfield had been observed for two to three months and recently the system “would power on and off, resulting in the burnout of a water pump,” the Nov. 10 report from the statewide terrorism and intelligence center stated, according to Weiss, who read the report to The Washington Post.

According to the report, hackers apparently broke into a software company’s database and retrieved user names and passwords of various control systems that run water plant computer equipment. Using that data, they were able to hack into the plant in Illinois, Weiss said.

It’s not the first time that two-step technique — hack a security firm to gain the keys to enter other companies or entities — has been used.

There's more.  Maybe you'll be able to pull up the article from home, Libertas.
"Under certain circumstances, profanity provides a relief denied even to prayer." - Mark Twain

"Let us assume for the moment everything you say about me is true. That just makes your problem bigger, doesn't it?"

Offline AlanS

  • Conservative Superhero
  • *****
  • Posts: 7908
  • Proud Infidel
Re: Cyber attack in the US
« Reply #3 on: November 18, 2011, 05:24:36 PM »
One thing I've never understood. Why do sensitive computers like this have to be hooked to a LAN giving hackers a hole? If you'd just take the damn things off the web, nobody could get to them. Computers can have a data highway without going into the world.
"Malo periculosam, libertatem quam quietam servitutem."

Thomas Jefferson

Offline Alphabet Soup

  • Conservative Superhero
  • *****
  • Posts: 5610
  • Hier standt ich. Ich kann nicht anders
Re: Cyber attack in the US
« Reply #4 on: November 18, 2011, 07:23:57 PM »
My BS meter is blaring in the background...

charlesoakwood

  • Guest
Re: Cyber attack in the US
« Reply #5 on: November 18, 2011, 07:38:52 PM »
Quote
One thing I've never understood. Why do sensitive computers like this have to be hooked to a LAN giving hackers a hole? If you'd just take the damn things off the web, nobody could get to them. Computers can have a data highway without going into the world.

I'm smelling some socialist collectivist all generators need
to be connected to keep the power supply level for everybody
kind of thing.

Online Pandora

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 19529
  • I iz also makin a list. U on it pal.
Re: Cyber attack in the US
« Reply #6 on: November 18, 2011, 07:47:02 PM »
Quote
My BS meter is blaring in the background...

What set it off, pray tell?

Offline Alphabet Soup

  • Conservative Superhero
  • *****
  • Posts: 5610
  • Hier standt ich. Ich kann nicht anders
Re: Cyber attack in the US
« Reply #7 on: November 18, 2011, 07:49:04 PM »
Quote
My BS meter is blaring in the background...

Quote
What set it off, pray tell?

Things that I know...

Offline AlanS

  • Conservative Superhero
  • *****
  • Posts: 7908
  • Proud Infidel
Re: Cyber attack in the US
« Reply #8 on: November 18, 2011, 08:13:46 PM »
"Malo periculosam, libertatem quam quietam servitutem."

Thomas Jefferson

Online Pandora

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 19529
  • I iz also makin a list. U on it pal.
Re: Cyber attack in the US
« Reply #9 on: November 18, 2011, 09:47:15 PM »
Quote
My BS meter is blaring in the background...

Quote
What set it off, pray tell?

Quote
Things that I know...

Okay, Mister Cryptic.  Keep yer lip zipped.  See if I care.   :P

Offline Alphabet Soup

  • Conservative Superhero
  • *****
  • Posts: 5610
  • Hier standt ich. Ich kann nicht anders
Re: Cyber attack in the US
« Reply #10 on: November 18, 2011, 11:59:46 PM »
Do a gargoyle search of FERC, NERC, and Homeland Security. Spend a little time looking at the public offerings on post-9/11 utility plant security. The old stereotype of the nightwatchman asleep in his guard-shack is quaint but inaccurate. Likewise the picture of someone playing on Facebook from a workstation that also controls vital subsystems for any utility borders on the ludicrous.

If you are knowledgeable about the networks most companies use you are familiar with concepts such as firewalls, web-based content filters, proxies, and - in Windows-based networks - group policies (to name a few). All these appliances and systems work to limit access to sensitive systems. The thing about utilities, security companies, financial corporations, etc is that with most of them the computers that control their vital core infrastructure systems aren't even connected to their corporate network much less the Internet. They are on private networks, physically isolated from email systems and web traffic. The only way to hack them is to breach physical plant security (often multiple layers) sit down at a terminal and then breach hardened network security.

So let's put on our James Bond jacket, take a draw on our vodka martini (shaken, not stirred) and imagine we're about to conduct a little industrial sabotage. We've mapped out the physical location of this high-value target - a water plant. We pole vaulted the chain-link fence, traversed two or three hundred yards of CCTV monitored ground, breached a number of doors in order to gain access to a control room where we've identified the workstation that hosts the control set - no doubt from the large lettered sign that says "Plant Control Computer" - and "hacked" our way into it, likely using the password "password" to gain entry.

Now we are in position to wreak some serious havoc, so what do we do? We reprogram a pump to cycle until it goes tits up. Brilliant.

I'm not saying it can't happen. I'm saying that the probability of it happening is roughly on the order of Øbozo suddenly getting some humility.

...just sayin

Online Pandora

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 19529
  • I iz also makin a list. U on it pal.
Re: Cyber attack in the US
« Reply #11 on: November 19, 2011, 12:05:08 AM »
Quote
..... firewalls, web-based content filters, proxies, and - in Windows-based networks - group policies (to name a few). All these appliances and systems work to limit access to sensitive systems. The thing about utilities, security companies, financial corporations, etc is that with most of them the computers that control their vital core infrastructure systems aren't even connected to their corporate network much less the Internet. They are on private networks, physically isolated from email systems and web traffic. The only way to hack them is to breach physical plant security (often multiple layers) sit down at a terminal and then breach hardened network security.....

You DO know, I'm positive you do, that many companies contract out this work to, oh, AT&T, Verizon and others.  Physical plant security does not require breaching.  Remote hacking is entirely plausible.

charlesoakwood

  • Guest
Re: Cyber attack in the US
« Reply #12 on: November 19, 2011, 12:25:17 AM »

Quote
..... firewalls, web-based content filters, proxies, and - in Windows-based networks - group policies (to name a few). All these appliances and systems work to limit access to sensitive systems. The thing about utilities, security companies, financial corporations, etc is that with most of them the computers that control their vital core infrastructure systems aren't even connected to their corporate network much less the Internet. They are on private networks, physically isolated from email systems and web traffic. The only way to hack them is to breach physical plant security (often multiple layers) sit down at a terminal and then breach hardened network security.....

Quote
You DO know, I'm positive you do, that many companies contract out this work to, oh, AT&T, Verizon and others.  Physical plant security does not require breaching.  Remote hacking is entirely plausible.

#2
Quote
According to the report, hackers apparently broke into a software company’s database and retrieved user names and passwords of various control systems that run water plant computer equipment. Using that data, they were able to hack into the plant in Illinois, Weiss said.


charlesoakwood

  • Guest
Re: Cyber attack in the US
« Reply #13 on: November 19, 2011, 12:29:36 AM »

This could have a cascade effect, not so much at a water plant but
at an electric generation plant.  Many plants are tied together on the
grid theoretically to keep the loads balanced; however, a few years
ago there were cascading black and brownouts through several states
because a failure caused a cascading overload.


Offline Delnorin

  • Full Member
  • ***
  • Posts: 353
    • Free Speech While It Lasts
Re: Cyber attack in the US
« Reply #14 on: November 19, 2011, 06:17:01 AM »
Quote
My BS meter is blaring in the background...

Beyond BS.

It has been my professional career since 1992 to be an operator at a drinking water plant using SCADA systems every day.

You never ever ever ever ever connect your water plant SCADA system in any way whatsoever to the internet.

If people understood how utterly repulsive the entire concept of doing that is they would know that this is 100% false.  There is no water system in the country that would in any way connect their SCADA system to the internet.  It is NEVER NEVER NEVER done.

It's like someone putting sand in their car's gas tank at the gas station.  You NEVER EVER EVER do it.

I will stand before a congressional hearing as an expert and raise my hand and swear that the water plant in question in no way was hacked through the internet into their SCADA system.  Never ever ever ever.

I can't even express how.. oh wait.. the sun just rose out of my ass this morning.  That's the same chance of a SCADA system in a water plant being hooked up to the internet in any way at all.  Completely separate hard-wired and isolated systems.

Offline Delnorin

  • Full Member
  • ***
  • Posts: 353
    • Free Speech While It Lasts
Re: Cyber attack in the US
« Reply #15 on: November 19, 2011, 06:23:00 AM »
Quote
One thing I've never understood. Why do sensitive computers like this have to be hooked to a LAN giving hackers a hole? If you'd just take the damn things off the web, nobody could get to them. Computers can have a data highway without going into the world.

They are not connected in any way to the internet.  This is my career and profession and I work on drinking water plant SCADA systems every day.  They are not connected in any way to the internet.  The entire story is made up to push buttons and scare people.  It did not happen.

Offline Delnorin

  • Full Member
  • ***
  • Posts: 353
    • Free Speech While It Lasts
Re: Cyber attack in the US
« Reply #16 on: November 19, 2011, 06:27:44 AM »
Quote
Do a gargoyle search of FERC, NERC, and Homeland Security. Spend a little time looking at the public offerings on post-9/11 utility plant security. The old stereotype of the nightwatchman asleep in his guard-shack is quaint but inaccurate. Likewise the picture of someone playing on Facebook from a workstation that also controls vital subsystems for any utility borders on the ludicrous.

If you are knowledgeable about the networks most companies use you are familiar with concepts such as firewalls, web-based content filters, proxies, and - in Windows-based networks - group policies (to name a few). All these appliances and systems work to limit access to sensitive systems. The thing about utilities, security companies, financial corporations, etc is that with most of them the computers that control their vital core infrastructure systems aren't even connected to their corporate network much less the Internet. They are on private networks, physically isolated from email systems and web traffic. The only way to hack them is to breach physical plant security (often multiple layers) sit down at a terminal and then breach hardened network security.

So let's put on our James Bond jacket, take a draw on our vodka martini (shaken, not stirred) and imagine we're about to conduct a little industrial sabotage. We've mapped out the physical location of this high-value target - a water plant. We pole vaulted the chain-link fence, traversed two or three hundred yards of CCTV monitored ground, breached a number of doors in order to gain access to a control room where we've identified the workstation that hosts the control set - no doubt from the large lettered sign that says "Plant Control Computer" - and "hacked" our way into it, likely using the password "password" to gain entry.

Now we are in position to wreak some serious havoc, so what do we do? We reprogram a pump to cycle until it goes tits up. Brilliant.

I'm not saying it can't happen. I'm saying that the probability of it happening is roughly on the order of Øbozo suddenly getting some humility.

...just sayin

I can tell you that this above information is exactly correct.  It is my career profession to work on drinking water plant SCADA systems every day I go to work.  They are not connected to the internet in any way whatsoever.  A face-face interface... on site.... breaking in physically over the fence type scenario is the only way this can happen.

The only thing I can think of is a SCADA programmer screwed up his code and made up this story to save his ass/job.  Even then... everyone working at the facility would know he was lying.

There is no way this happened as it's being reported.

Offline Delnorin

  • Full Member
  • ***
  • Posts: 353
    • Free Speech While It Lasts
Re: Cyber attack in the US
« Reply #17 on: November 19, 2011, 06:30:05 AM »
Quote
..... firewalls, web-based content filters, proxies, and - in Windows-based networks - group policies (to name a few). All these appliances and systems work to limit access to sensitive systems. The thing about utilities, security companies, financial corporations, etc is that with most of them the computers that control their vital core infrastructure systems aren't even connected to their corporate network much less the Internet. They are on private networks, physically isolated from email systems and web traffic. The only way to hack them is to breach physical plant security (often multiple layers) sit down at a terminal and then breach hardened network security.....

Quote
You DO know, I'm positive you do, that many companies contract out this work to, oh, AT&T, Verizon and others.  Physical plant security does not require breaching.  Remote hacking is entirely plausible.

In no way is it possible.  A drinking water plant SCADA system is purposefully wired to isolated computers.  There are protocols for exactly this reason that SCADA systems are NEVER ever ever attached to a computer or a system that is attached to the internet.

Offline IronDioPriest

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 10828
  • I refuse to accept my civil servants as my rulers
Re: Cyber attack in the US
« Reply #18 on: November 19, 2011, 08:45:39 AM »
Quote
Water plant boss: "So, Henry, how in the HELL did that water pump get destroyed on your watch?"

Henry: "Um.... ah.... a um....a - a - a um... Russian hacked into the system and destroyed the pump boss! Yeah, that's it! Must be. I tracked 'im! Traced right back to Russia, I did!"

Water plant boss: "A Russian? Hacked into the system? And broke our pump? Remotely?"

Henry: "Yup! It was a Russian spy!"

Water plant boss: "OK then Henry. So that's what we're gonna tell the media when they come asking why the water supply is disrupted?"

Henry: "Yup! I swears it boss! They hacked in... from a remote terminal in RUSSIA! That was it!"

Water plant boss: "Okie-doke."

(Water plant boss leaves the pump control room, Henry gets a roll of paper towels out from his desk drawer and proceeds to wipe up spilled coffee from the pump control workstation, satisfied that his job is safe for now.)
"A strict observance of the written laws is doubtless one of the high duties of a good citizen, but it is not the highest. The laws of necessity, of self-preservation, of saving our country when in danger, are of higher obligation. To lose our country by a scrupulous adherence to written law, would be to lose the law itself, with life, liberty, property and all those who are enjoying them with us; thus absurdly sacrificing the end to the means."

- Thomas Jefferson

Offline IronDioPriest

  • Administrator
  • Conservative Superhero
  • *****
  • Posts: 10828
  • I refuse to accept my civil servants as my rulers
Re: Cyber attack in the US
« Reply #19 on: November 19, 2011, 08:53:38 AM »
After reading Soup and Delnorin's experienced deconstruction of this, I'm reminded of a true story.

My wife's friend came into her 4 year old son's room to find the boy, the walls, his bed, and the carpet covered with black "Marks-a-Lot" permanent magic marker. On the floor, written in letters 2 feet tall was the boy's name.

The mother, horrified, screamed, "What did you DO?" The boy said, "I didn't do it mommy." She responded incredulously, "Oh really? Then who DID do it?" He responded in all seriousness as if he really, really expected her to believe him, "A bad guy did it mommy."

She looked at his name scrawled by his 4 year old hand on the carpet and burst out laughing and crying at the same time.