Microsoft Worms Crash Ohio Nuke Plant, MD Trains
stieglmant writes "For everyone who thought the 'blackout of 2003' was bad, how about this, according to an article at SecurityFocus, and another article at The Register, 'The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours.'"

Russell writes "Maryland MARC Train Service was shut down most of Wednesday morning due to what sounds like the MS-Blast worm or one of its variants. The local Baltimore news reports that the cause was a signal malfunction but CSX, whose communications system runs the tracks, has an article describing the shutdown as a result of 'a worm virus similar to those that have infected the systems of other major companies and agencies in recent days'. This indicates that the network that the train signaling stations are on is not protected by firewalls, at least to block ports 135 and 444 where the DCOM vulnerability is attacked. Wow, taken to the extreme, the exploitation of their systems could have caused a train collision and injury or death to hundreds of Maryland and Virginia commuters."
I was under the impression that the Microsoft terms of use specifically state that Windows isn't to be used in things like critical systems in nuclear plants, planes, etc.
... but Microsoft would probably agree! Someone in charge of instrumentation at that plant needs to be downsized right quick.
I think that a monitoring system would definitely apply here.
Everyone on Slashdot would say that Windows was a bad idea for this
I'm pretty sure that Windows comes with a warning saying it's not for air traffic control, nuclear plants, etc... so this may reach beyond "network guy incompetent - fire him" to "network guy criminally negligent - cane him"
Don't necessarily blame the firewall. Sure, blocking certain ports from the Internet will stop direct connects from the Internet, but what I've seen with MSBlast, SQL Slammer and such is that they are brought in on laptops from home users, or possibly dialup or VPN users and such. Once on the inside, many networks have little to no security.
JWall: GUI client for IPTables
Kind of gives "Blue Screen of Death" a whole new spin, eh?
Platform independent bug tracking software
Gives new meaning to "the blue screen of death"
---
Lousy rotten karmic retribution.
Davis-Besse is run by FirstEnergy, or was until it was shut down in Feb 2002. It seems they found a hole in a cap covering the plant's reactor vessel. In case you missed it, FirstEnergy is the same company that is being blamed for the blackout.
Set up a firewall on physically separate switches for portable computers at every cubicle, or have a row of cubicles just for laptop users behind a firewall.
An Education is the Font of All Liberty
I don't think polishing your own rod counts.
Does it make you happy you're so strange?