[146743] in North American Network Operators' Group
Re: First real-world SCADA attack in US
daemon@ATHENA.MIT.EDU (Mark Radabaugh)
Mon Nov 21 16:47:28 2011
Date: Mon, 21 Nov 2011 16:46:03 -0500
From: Mark Radabaugh <mark@amplex.net>
To: nanog@nanog.org
In-Reply-To: <CAOF0KO_m5op=iMfRp+WPKvcuiX1MQCp7LrYf8rhE6HxjFeY3DQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 11/21/11 4:38 PM, Charles Mills wrote:
> Having worked on plenty of industrial and other control systems I can
> safely say security on the systems is generally very poor. The
> vulnerabilities have existed for years but are just now getting
> attention. This is a problem that doesn't really need a bunch of
> new legislation. It's an education / resource issue. The existing
> methods that have been used for years with reasonable success in the
> IT industry can 'fix' this problem.
>
>
> Industrial Controls systems are normally only replaced when they
> are so old that parts can no longer be obtained. PC's started to
> be widely used as operator interfaces about the time Windows 95
> came out. A lot of those Win95 boxes are still running and have
> been connected to the network over the years.
>
> And... if you can destroy a pump by turning it off and on too
> often then somebody engineered the control and drive system
> incorrectly. Operators (and processes) do stupid things all the
> time. As the control systems engineer your supposed to deal with
> that so that things don't go boom.
>
>
>
> --
> Mark Radabaugh
> Amplex
>
> mark@amplex.net <mailto:mark@amplex.net> 419.837.5015
> <tel:419.837.5015>
>
> ===============================================
>
> There are still industrial control machines out there running MS-DOS.
>
> As you said not replaced until you can't get parts anymore.
> Chuck
Oh yeah.... just not too many of those MS-DOS machines have TCP stacks :-)
I still get calls to work on machines I designed in 1999. It's a real
pain finding a computer that can run the programming software. A lot
of the software was written for 386 or slower machines and used timing
loops to control the RS-232 ports. Modern processors really screw that
software up.
--
Mark Radabaugh
Amplex
mark@amplex.net 419.837.5015
