Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experts Hack Power Grid in Less Than a Day

Posted by samzenpus on from the quick-everyone-panic dept.

bednarz writes "Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day. Ira Winkler, a penetration-testing consultant, says he and a team of other experts took a day to set up attack tools they needed then launched their attack, which paired social engineering with corrupting browsers on a power company's desktops. By the end of a full day of the attack, they had taken over several machines at the unnamed power company, giving the team the ability to hack into the control network overseeing power production and distribution."

3 of 302 comments (clear)

  1. Re:Is everything on the internet? by jroysdon · · Score: 4, Informative

    The problem is the layers. The Desktop PCs (you know, the ones you use to check email and surf the web) have access to the internet (probably just outbound), and access to the SCADA networks. While you cannot initiate an inbound connection to those Desktop PCs, all you have to do is get someone to click on a link and get infected with something that sits on their PC and maintains an outbound connection (think GoToMyPC). From there, the exploit team has access to their PCs and everything their PCs have access to.

    In an ideal world, they'd have two PCs on each desktop. One on the internet, one on the SCADA network. The two should never be connected. That's how the military is suppoesd to do it between different levels of their networks (the two different levels are never to be connected).

    But that costs you twice as much, and isn't convenient. But you'd never have a security breach.

    Oh, and they buy and sell power over the internet between different power companies, so right there is a reason you'd need some SCADA system connected with internet access (but you could have those systems very, very locked down as to what and how they can access between things).

  2. Re:Is everything on the internet? by Anonymous Coward · · Score: 4, Informative

    I don't understand "they did". Internet and SCADA where available on the same desktops:

    "Individual desktops have Internet access and access to business servers as well as the SCADA network, making the control systems subject to Internet threats."

  3. Re:I'm Shocked! by dbIII · · Score: 4, Informative

    I have to admit I have gained that sort of access just with a pair of overalls. It was one of those stupid catch22 situations where you had to do a one day safety course to be authorised to get through the gate and you had to get through the gate and walk through the middle of the turbine hall to get to where the course was held so you could get your ID. A similar thing happened at another power station but that time I actually had the company logo on the overalls - but yes I did just walk in and go right up to the control room that time. Oil refineries are a different story - the ones I visited had administrative buildings outside the gate so you didn't have to get full site access just to meet someone in the place.