Slashdot Mirror
Experts Hack Power Grid in Less Than a Day
bednarz writes "Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day. Ira Winkler, a penetration-testing consultant, says he and a team of other experts took a day to set up attack tools they needed then launched their attack, which paired social engineering with corrupting browsers on a power company's desktops. By the end of a full day of the attack, they had taken over several machines at the unnamed power company, giving the team the ability to hack into the control network overseeing power production and distribution."
Not really though. A good team of social engineers (con men) and CS people can accomplish many many things...How can you prevent such things? Ridiculously strong security? Require the security guard at my place of employment to scan my ID each and every time I walk in the building? Is he supposed to also stop law enforcement from going in without clearance from HQ? I'm quite serious, what would be an effective way to stop these tactics? Everything I think of is either too impractical for most situations or prone to the same failures, but at different points.
If you are about to mod me down, keep in mind that this post was most likely sarcastic.
There's a nice feature on Ira Winkler in attrition.org's charlatan file:
http://attrition.org/errata/charlatan.html#winkler
They'd post armed patrols out in the mountains..even then good luck.
Why the hell would someone go to all the effort mucking around with computers and hacking and leaving evidence everywhere when they could just go buy a gas axe from the local hardware store and knockdown a few of the big towers and cause havoc for days...and have about 0% of getting caught to top it off.
I was 4wding up in the highcountry near my city the other weekend, driving along the maintenance tracks for the big lines that run from the hydro electricty plant to the city. A gas axe to a few of the supports and you could cut power to the city in an hour. Choose the right towers, remote and hard to get to and it could be out for days. The big lines run through the rugged and isolated mountains for about 100kms (60miles)...good luck stopping someone motivated doing that.
And yet, no one ever has..perhaps, just perhaps there isn't bogey men trying to get us hiding around ever corner?
These 'security experts' that seem to be cropping up left, right and centre these days crying about how unsafe and insecure everything is seem to be little more than a new incarnation of snake oil salesmen.
Rediculous.
I worked at a place that supposedly had two totally separate networks - one connected to the internet, one corporate wide, for news/data/intranet stuff.
.. And try to keep it secret from the network ops guys, of course.
So, sure, everybody has two desktops.. one for internal one for everything else. It was great in theory - really stupid in practice. Just doesn't work.
Reality is - there is an expectation that data from outside is available inside. In the power company case it might be everything from the latest gas pricing information to weather reports to who knows what else - and so in 'getting things done' this will inevitably require connections between the outside and the inside.
So, as a result of this 'blanket policy' contrasting with the 'real world' people would circumvent the rule - but do it in stupid, sneaky ways -- for example in one data center there was, literally, an infrared tunnel between two computers -- "see, they are not 'physically connected' !!"
It would've made a lot more sense to supply a safe, heavily controlled/monitored firewall that connects outside to inside and let the network security people manage it. Otherwise your choices are (1.) actually enforece the rule and totally cripple the effectiveness of the internal system (with the result that nothing of any importance gets put there) or (2.) really lame hacks pretending to be secure and working around the blanket rule, when in actual fact they are invisible bridges that the network ops guys don't know about.
I saw the alternative 2. in real world practice. Lets consider option 1. - if they really did manage to make the SCADA network totally seperate **and enforce that**. In that case you'd probably just end up with the forecasting/power-station-scheduling app running on the 'outside' network - and just the final 'implement it' step on the internal SCADA. Since the scheduling app is the one where the real decisions are made - hacking into that would let you send signals and information that would look relatively harmless but would still, in effect shut down the power grid. You are still sending information - in this case mediated by human brains, but not in a way that the human brain can easily understand because its low level commands (turn this up, turn that down) - that could very effectively mess up the voltage balance or frequency timing or whatever, and causing rolling blackouts and thus achieving the same aim of shutting down the power grid. There is information flowing from outside to inside - whether it is via human or machine.
Security through dis-connectivity is a dangerous myth in most cases. In some cases, say military situations where you are willing to absorb the huge cost to re-implementing a complete replacement for just about every dang thing you might need on the inside (e.g. weather data, or radar data, say) then it may make sense. In just about every realistic corporate case - even power companies - its likely to only cause people to take their eye off the ball of implementing real security and proper firewalls etc.
How would you like it if the hackers got into the grid control system and told the IP motors that control the floodgates on the big dams to open all the way, and then send them into a tizzy that burns them out, so they can't be used to shut the gates? How much damage would the downstream flooding cause?
Or how about the test the DHS did, where they gave a generator a command to generate power out of phase with the network, causing it to physically self-destruct? It only takes a few tings like this to screw up the country big-time! And it doesn't have to be done on site, it can be comfortably done from the safety and security of your ChiCom hacker network (they've been walking all over our networks for years) or your zombie bot-net.
I've been sounding the alarm on this for years, (although many others have been doing a far better job, don't want to take credit for others work) and finally the industry is responding. It will take billions to correct it in the US, Europe and Far East, while some poor countries don't have the financial means to do it at all.
HexaByte - he's a square and a half!