Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Worms Crash Ohio Nuke Plant, MD Trains

Posted by michael on from the woodpecker-that-brought-down-civilization dept.

stieglmant writes "For everyone who thought the 'blackout of 2003' was bad, how about this, according to an article at SecurityFocus, and another article at The Register, 'The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours.'" Russell writes "Maryland MARC Train Service was shut down most of Wednesday morning due to what sounds like the MS-Blast worm or one of its variants. The local Baltimore news reports that the cause was a signal malfunction but CSX, whose communications system runs the tracks, has an article describing the shutdown as a result of 'a worm virus similar to those that have infected the systems of other major companies and agencies in recent days'. This indicates that the network that the train signaling stations are on is not protected by firewalls, at least to block ports 135 and 444 where the DCOM vulnerability is attacked. Wow, taken to the extreme, the exploitation of their systems could have caused a train collision and injury or death to hundreds of Maryland and Virginia commuters."

6 of 817 comments (clear)

  1. It's only a matter of time... by Tracy+Reed · · Score: 4, Interesting

    ...before someone really is killed due to M$'s negligence. Sure, one could argue that they should have applied patches and that it isn't M$'s fault but tell that to the jury. When surviving relatives see the potential for a profitable liability suit they are going to go after the biggest pockets and that is M$.

  2. Speaking of the Blackout by dgenr8 · · Score: 4, Interesting

    Funny you should mention the Blackout. The timing DOES seem interesting. I wonder just what functions inside the electric utilities depend on Microsoft Windows. If it's good enough for the nuclear industry, would anyone be surprised if failure of a critical set of Windows systems were responsible for the Blackout?

  3. Fail Safe by FTL · · Score: 4, Interesting
    > Wow, taken to the extreme, the exploitation of their systems could have caused a train collision and injury or death to hundreds of Maryland and Virginia commuters.

    No. Taken to the extreme, this exploitation could cause the train system to stop. Which is what it did.

    Ever since the Victorian era, trains are designed to stop if there's a failure. That's what "fail safe" means, not that it is "safe from failure" but that "when it fails, it is safe".

    For a simple example, take a look at the _mechanical_ switching gear on the tracks behind my office. More modern electronic or computerised equipment is exactly the same in terms of how it reacts to failures.

    --
    Slashdot monitor for your Mozilla sidebar or Active Desktop.
  4. Re:The network administrators... by epiphani · · Score: 4, Interesting

    I was under the impression that Microsoft didnt encourage the use of its products in applications such as these. We are talking about systems that cannot fail - if they do, people could die.

    I thought Microsoft had the sense to accually say 'this is not what our product is for - get something custom'. If I worked at Microsoft, the last place I'd want our 'it-does-everything' operationg system doing would be managing the safety systems at a nuclear plant.

    Does anyone know if Microsoft accually encourages this type of a deployment - if they dont, what moron decided to use it?

    --
    .
  5. NEXT: Accidental Nuclear ICBM Missile Launch...? by Ron+Bennett · · Score: 4, Interesting

    Why in heavens name are critical systems running consumer-grade software...and worse, why are they connected to the public internet?

    And then there are VPNs...fine for offices, but not critical infrastructure - critical systems should be on totally separate, dedicated private networks, period!

    Among my biggest fears in regards to computer worms, etc somehow getting into a nuclear weapons system and causing nuclear missiles being launched - in particular nuclear based ICBMs which are less protected; Windows is used on some nuclear subs from what I've read - frightening!

  6. CSX uses InCharge "service assurance manager" by Animats · · Score: 4, Interesting
    Here's what CSX (the railroad) says about the failure:
    • CSX Transportation's (CSXT) information technology systems experienced significant slowdowns early today after a computer virus infected the network. The cause was believed to be a worm virus similar to those that have infected the systems of other major companies and agencies in recent days.

      The infection resulted in a slowdown of major applications, including dispatching and signal systems. As a result, passenger and freight train traffic was halted immediately, including the morning commuter train service in the metropolitan Washington, D.C., area. Contrary to initial reports, the signal system for train operations was not the source of the problem. Rather, the virus disrupted the CSXT telecommunications network upon which certain systems rely, including signal, dispatching and other operating systems.

    So what are they using to manage their network? They're using InCharge "Service Assurance Manager".

    • CSX will implement InCharge(TM) Service Assurance Manager and InCharge(TM) Availability Manager to ensure the reliability of its Next Generation Dispatch Network, the core IP-based infrastructure that controls the dispatch and timely operation of 1,700 trains and over 20,000 carloads per day. More than 2,000 routers back this complex CSX network, each with multiple points of connectivity and multiple layers of redundancy.
    InCharge IP Availability screenshots make it clear what platform it runs on.

    Any questions?