Thursday, November 15, 2012

Security & Hacking: Digital Bond on ICS & PLC lack of Security

http://www.digitalbond.com/blog/2012/11/13/two-conversations-last-week/

from link above:
"Our number 1 message – if the bad guys, malware or any other attack code gets to your ICS, he or it will be able to take down or control your process. The PLCs and controllers lack basic security to stop any attack. You have to secure your perimeter to the best degree possible and prevent even legitimate external access to the ICS, because those are attack paths.
Most executives do not understand how vulnerable their ICS are. When you explain it to them they are shocked … wait you mean there is no security at all???  Not even basic security like my ATM card? "


I don't think the public realizes what these things, the Industrial Control Systems and Programmable Logic Controllers, are or what they do.

If your not a specialist in the field, just think about these systems as Remote Controls (like the remote control for your TV) for the machines, switches, and valves used in Utilities and Industry.

Except, instead of infra red laser or radio that a TV Remote usually uses, these Remote Controls use the internet.

And when they were designed and built, no one really considered that anyone that wasn't supposed to play with the settings would even try to, so just like your TV remote control, there is no real security built into these remote controls.

So in very simple terms, what this means, is criminals/terrorist/etc can just use a specialized search engine, think like "Google" but specialized for finding these remote controls, and start messing with the channels on your "TV", turn it off, or maybe even do something like enter so many commands at once it gives the computer in the TV a heart attack and it dies from all the stress it wasn't made to handle.

But in this case the "TV" is actually the electrical substation the delivers power to your neighborhood, or to your hospital, or your kids school and a cold winter day.

Or it could be to the water treatment plant, so there is no clean water for drinking or anything else until the system is fixed, course, the minute the broken parts are fixed, the attacker could just wreck it again.

This is why a lot of security experts are making a lot of noise about this topic, they know there is a problem, and that something needs to be done about  it, but it is a really BIG problem, and they need help from you to put pressure on politicians and such to improve the situation.

Attacks already happen, see this link http://pipelineandgasjournal.com/hacking-industrial-scada-network for full story, snippet:
"It was a Trojan program inserted into SCADA system software that caused a massive natural gas explosion along the Trans-Siberian pipeline in 1982. A newspaper reported the resulting fireball yielded “the most monumental non-nuclear explosion and fire ever seen from space.”"

No comments:

Post a Comment