New York City Pushes Plan To Prevent Cyberattacks On Elevators, Boilers
coondoggie writes "Imagine what would happen if an attacker broke into the network for the industrial control systems for New York City's elevators and boiler systems and decided to disrupt them, imperiling the lives of hundreds of thousands of residents relying on them. Think it could never happen? Think again. 'You could increase the speed of how elevators go up or down,' says Steve Ramirez, business analyst, analysis and communications in the Office of the CIO of the New York City Housing Authority, which provides public housing for low- to moderate-income families in the five boroughs of the city. And if attackers ever successfully penetrated the network-based industrial control systems for the boilers, they could raise the heat levels for municipal boilers, causing them to explode." Maybe Bruce Schneier could run a new movie-scenario contest about ways this could play out.
These systems shouldn't be network accessible anyway.
!!!
Maybe these systems should be on isolated networks.
Maybe they could run a movie scenario about how scare-mongering about trivial threats diverts attention and resources from real problems.
Boilers have release valves for a reason. Even if you could turn the heat all the way up, the safety release valves would let go. You would have to weld those shut to explode a boiler. If the "evil-doers" are welding those shut, you have other problems.
"business analyst, analysis and communications in the Office of the CIO of the New York City Housing Authority (NYCHA)"
So a housing authority needs a full office for Information systems and in that office it needs a business analyst (because that is part of information systems)?
Sounds like a bureaucrat that needs to justify the job his dad got him.
How else would the turbo button work?
In a World where up isn't always the direction you're headed and going down will kill you, A hero will rise...
TERRORVATOR
*break*
Ted Buttson wasn't exactly the best elevator repairman "Y'know normally the buttons don't do this" (empty elevator drops from sight, crashes). In fact you could say he was the worst elevator repairman "Why do they build these things with all these extra bolts?" (elevator doors fall in), but sometimes it doesn't matter who you are if you're on the right floor at the right time "H-hey! I think these guys wanna do something BAD to this elevator!". Coming this summer from the same studio that brought you predictable comedy before comes "TED: Going Down" (close up shot of actor making faces with sexy music playing)
[NOT YET RATED]
crazy dynamite monkey
"Imagine what would happen if an attacker broke into the network for the industrial control systems for New York City's elevators and boiler systems."
Some people would have to take the stairs and others would take cold showers. A truly terrifying prospect. Elevators and hot water are conveniences; people don't die from the lack of them.
#fuckbeta #iamslashdot #dicemustdie
because the speed will probably have to be calibrated again after a period of time.
I'm god, but it's a bit of a drag really...
A baddie with mechanical experience and perfectly legal hand tools could go walkabout and cause massive (literally) destruction.
But that requires access. Just try to get into any big building without a security guard on your ass.
This article was written by someone who watches way too much TV. You can't take down anything with just a keyboard. Anonymous has proven that. If they could have caused a problem of this magnitude, they would have in their protests, but the best they can do is vandalize websites and get stolen data.
Hackers can't do any real damage.
Ok, so why do you need to do that over a network?
I mean, if the elevator speed is inaccurate, then that means the sensors in the elevator that determine its speed are inaccurate, so you have to bring new sensors on site anyway, so you can calibrate it onsite.
No point going all TSA when nothing has happened and nothing likely will. If you are peddling your "cyber protection plan" to NYC, well, good luck !! There are plenty of protection rackets going on, and you won't get your little pecker in the door, that's for sure !!
Why go through all of that bother?
NYC's water supplies are completely unprotected. I think your imagination can come up with the rest.
@Mindless Drivel: 100% of Twitter posts ever Tweeted.
Cyberwarfare means money. As most of the preceding posters have identified, most of the perceived threat is total horseshit. But because computers are full of magic smoke and fairies, muggles presume that a computer hooked up to a machine is a terrible threat. Haven't you seen the famous historical documentary, "Terminator" ???
It's just like the TSA - because there hasn't been a compumatronically induced apocalypse, we're doing a good job, right? Hell yeah, line up another raft of Cyberwarfare Funding Bills, and we need some more staff to hotswap the drives in our pr0n^W evidence storage RAID array.
Is that common though? It seems to me that once the speed of an elevator is calibrated, it should not need to change -- the calibration should be for the building itself, which should not frequently change. Sensors may malfunction and necessitate a recalibration, but that still does not explain why the settings would need to be changed by the control system's software.
Palm trees and 8
because they didn't let certified idiots connect industrial controls to the Wacky Wacky Webbiepoo.
this is real simple. turn off the interconnects, and toss those boxes in the trash.
we knew enough when modems ran at 100 baud to not connect critical systems to an outside influence.
if this is supposed to be a new economy, how come they still want my old fashioned money?
First of all, elevators have _separate_ mechanical only devices that attach to the car's brakes with a fly wheel design that has springs that will cause the flywheel to physically lock the wheel and cause the separate wire it is attached to, to detach or "yank" on the brakes on the car and immediately stop the elevator. So, even if you could cause the motor to bring the elevator to free fall speeds via hacked electronics, the elevator will not free fall to the bottom...
Second, all boilers and hot water tanks have industry mandated TMP (temperature and pressure) valves that prevent explosions in the case of an electrical malfunction. Have you never seen any of these bleeder valves on the tanks in your home? Do you think that massive boilers that could do serious damage are somehow magically devoid of these safety devices?
Clearly, the only way for any terrorist to attack these systems in anything more than a denial of service fashion, would be to physically visit the device in question and damage it. The real way to prevent these attacks is detection (alarm systems), and to get the caretakers/maintenance people responsible for the systems to do regular maintenance and checks to ensure that they haven't been tampered with. i.e. elevator maintenance needs to regularly inspect the elevator mechanics on a regular basis (they do by law) that is behind locked (special pick resistant) doors, and the super/maintenance/plumber needs to periodically check the bleeder valves for unobstructed operations, which I am sure is always mandatory in large important installations.
Really though, the problem would be more about lazy maintenance personnel not doing their jobs, and not the electronics that control these systems. This guy needs to stop watching MythBusters...
It is not possible to cause a properly designed elevator to crash or trap its occupants by a remote command, for the simple reason that the system only accepts a small set of safe commands. A command to change an operating parameter (like a speed, delay, etc...) is rejected if out of bounds. A command to stop will result in the elevator moving to the next floor, opening its doors and then shutting down, i.e. going to a fail-safe state. There is no "crash and burn" command. So even if someone gets unauthorized access to the control network, the worst they can do is play pranks, reduce performance or deny service.
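The command handling that the comment above describes (a small allowlist, bounds-checked parameters, a stop that leads to a fail-safe state), sketched as an added example that is not part of the original thread and not any vendor's code. The command names, the numeric limits and the rule that a stopped controller rejects further changes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical command set; every name and bound here is constructed. */
enum cmd    { CMD_SET_SPEED = 1, CMD_SET_DOOR_DELAY = 2, CMD_STOP = 3 };
enum result { ACCEPTED, REJECTED_UNKNOWN, REJECTED_RANGE, REJECTED_STOPPED, FAILSAFE_ENTERED };
enum state  { RUNNING, FAILSAFE };

struct controller { enum state state; int32_t speed_cm_s; int32_t door_delay_s; };

/* Allowlist: a parameter command is valid only if listed here and in range. */
struct limit { int id; int32_t min, max; };
static const struct limit LIMITS[] = {
    { CMD_SET_SPEED,      50, 250 },   /* cm/s, constructed bounds */
    { CMD_SET_DOOR_DELAY,  2,  30 },   /* seconds, constructed bounds */
};

void controller_init(struct controller *c)
{
    c->state = RUNNING; c->speed_cm_s = 100; c->door_delay_s = 5;
}

enum result handle_command(struct controller *c, int id, int32_t value)
{
    size_t i;
    if (id == CMD_STOP) {            /* stop never halts mid-shaft: the car    */
        c->state = FAILSAFE;         /* finishes at the next floor, opens its  */
        return FAILSAFE_ENTERED;     /* doors, then shuts down (not modelled)  */
    }
    if (c->state == FAILSAFE)        /* assumption: no changes once stopped */
        return REJECTED_STOPPED;
    for (i = 0; i < sizeof LIMITS / sizeof LIMITS[0]; i++) {
        if (LIMITS[i].id != id)
            continue;
        if (value < LIMITS[i].min || value > LIMITS[i].max)
            return REJECTED_RANGE;   /* stored parameters are left untouched */
        if (id == CMD_SET_SPEED) c->speed_cm_s = value;
        else                     c->door_delay_s = value;
        return ACCEPTED;
    }
    return REJECTED_UNKNOWN;         /* anything not on the allowlist */
}

int main(void)
{
    struct controller c;
    controller_init(&c);
    printf("%d\n", handle_command(&c, CMD_SET_SPEED, 9999)); /* out of bounds */
    printf("%d\n", handle_command(&c, 42, 0));               /* unknown id */
    printf("%d\n", handle_command(&c, CMD_STOP, 0));         /* fail-safe */
    return 0;
}
```

The property under review in a handler like this is that every rejection path returns before any field is written, so an unauthenticated or malformed command can at most trigger the fail-safe stop.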
Most boiler and elevator design predates electronic/computerized controls so they have mechanical safeties.
Thumbs up to everyone who said networking them to the Internet is a DUMB idea.
Fear-mongering for fun & profit seems to be the new & improved USA business model, especially for governments at every level. Afraid of terrorists? Obviously, they are everywhere, and can strike at any time. Be afraid. Surrender all your rights & liberties, and (especially) your money to the government. The "war on terror" will save you, even from yourself. The DHS has spent over $1 Trillion fighting "terrorism" since its founding. Is life without any risks whatsoever really living? And can one even prove that the benefit outweighs the cost, when success is only proven with a negative result? And the only positive results, aka real terrorism, for the past 25 years have been government promulgated?
The "war on terror" is a black hole the USA throws money into, without actually making anyone safer. In fact, just the opposite is the case. Vastly increased sovereign debt threatens those very government programs & infrastructure that do help to keep us safe, healthy, and happy. Our infrastructure, like bridges, public health system, national power grid, water purification plants all suffer from competition with the "war on terror". OMG, man-made carbon dioxide is threatening us with global warming -- quick, let's ship all our industries overseas. OMG, there are religious fundamentalists half a world away that hate us for our freedoms -- quick, let's spend $4.5 Trillion in 10 years on perpetual warfare against these people. Surely they will not hate us any more if we drop money-bombs on them along with bloody expensive military ordnance, including their wedding parties and funerals. OMG, someone smuggled the equivalent of an M-80 firecracker in their pants onto a USA-bound plane -- quick, let's spend $250 Billion on terahertz-wave body scanners and place them everywhere, not just airports. Before we surrender more of our individual rights & liberties or more blood & treasure, let's get the answer to "Who benefits, and why?"
The truth is, if you feel personally at risk of bodily harm due to acts of terrorism, go out and buy even 1 lottery ticket because the odds against you winning are only 1 in 175 Million, while an act of terrorism (a real act of terrorism not fabricated by government) is closer to 1 in 1,000 Million. Feeling "lucky" -- buy that lottery ticket. Ignore things like auto accidents with uninsured drunken drivers, or getting struck by lightning four weekends in a row when you go play golf.
Industrial Control Systems have no business with internet access to operational processes, rather than merely an alarm or data monitoring channel, in any case.
Perhaps compliance with new regulations? A service company could theoretically roll an update out across a country or state without having to visit each elevator.
Emergency use? Maybe paramedics...
We definitely need to train an elite corps of cyberwarfare personnel to deal with this sort of threat. I propose dividing the corps up into three tactical teams:
Alpha Team will carry out recon and patrol duties, identifying computer systems responsible for controlling potentially dangerous hardware systems.
Bravo Team is responsible for extraction and isolation. Their mission is to walk up to these machines and unplug them from the Internet.
Charlie Team is the counterinsertion team. They will be equipped with Mk 47 Hot Glue Guns. They will fill all available USB and network jacks on these computers with hot glue.
That's it. Screw high tech cybersecurity, system patches, and all that bullshit. Just unplug 'em and permanently destroy all I/O paths to the outside world.
Perhaps compliance with new regulations? A service company could theoretically roll an update out across a country or state without having to visit each elevator.
No, you do that ON-SITE. This is not web services or video games. You have someone there locally to confirm it is working in real life when making parameter changes like this.
Express mode is faster as they don't stop at each floor.
Also there is a slow maintenance mode that also is in place.
Most elevators have manual maintenance controls on top of the cab.
based on recent headlines like http://www.nytimes.com/2011/12/16/nyregion/elevator-that-killed-yr-executive-was-undergoing-maintenance-city-says.html, I'd be more afraid of negligent elevator repair staff than of terrorists.
I'll create an amusing sig when I have something meaningful to post.
Elevators also have a fire mode where they go to the lowest floor or lobby and hold the doors open.
Now with the fireman's key you can move the elevator to any floor that you want (sometimes even floors that need a key card) and reject calls.
People getting fit and losing weight from taking the stairs... Jesus; have these terrorists got no soul?
to subdue children.
It's 2012 - aren't we past this sort of "Only my Department can save you from the eBogeyman - with proper funding" yet?
If you were blocking sigs, you wouldn't have to read this.
You mean that, through clever hacking, I can actually activate the boiler?? Like, when it gets cold?? No more listening to bullshit excuses from the landlord??
Now I can quit banging on the pipes.
None of this stuff should/needs to be re-configurable or commandable externally, that is why society used to have lift engineers and boilermen.
Tech, anal programming and MBA greed breaks anything.
All it takes is one terrorist with a chin-up bar and we are all doomed!
What kind of idiot would design a boiler without a pressure relief valve? I think that would be only the kind that aren't allowed to design boilers.
It wonders me to see a forum like slashdot not recognizing FUD tactics.
This time, FUD targets everyone's stability and inspires fear from everything.
"You are warned, don't tell you are not, once your elevator leaves for moon. With you inside."
http://opencm3.net, http://www.nongnu.org/gm2/
Modern lifts change speed in a smooth way to (among other benefits) avoid feeling of discomfort by passengers. It would surprise me if these parameters were centrally controlled but then maybe not. The fact remains however that modern lifts do have more than one fixed speed.
Ok, spam for Chinese jaw crushing machines. Now I can die in peace, I have seen everything.
Ubi solitudinem faciunt, pacem appellant.
You might want a feature of sending a message over the network to indicate the elevator is stuck/overloaded/damaged or what have you. That should be hardware single direction data though.
Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
Every big-city building (residential AND commercial) I've ever spent a lot of time in has had elevator techs onsite at least monthly. In one building I lived in, the elevator company had their own office space off the lobby.
I see faster elevators as a good thing. It would help people get where they're going more quickly.