Slashdot Mirror
Experts Call For Preserving Copper, Pneumatic Systems As Hedge For Cyber Risk (securityledger.com)
chicksdaddy quotes a report from The Security Ledger: The United States should invest resources in preserving aging, analog infrastructure including telecommunications networks that use copper wire and pneumatic pumps used to pump water as a hedge against the growing threat of global disruption resulting from a cyber attack on critical infrastructure, two researchers at MITRE argue. The researchers, Emily Frye and Quentin Hodgson with The MITRE Corporation, note that critical infrastructure is increasingly run from converged IP (Internet Protocol) based networks that are vulnerable to cyber attack. That includes so-called "lifelines" -- essential functions like water, electricity, communications, transportation and emergency services. That marks a critical departure from the past when such systems were isolated from the internet and other general purpose networks. "Each lifeline rides on, and is threaded together by, digital systems. And humans have yet to design a digital system that cannot be compromised," they write. With such civilization-sustaining functions now susceptible to attack, the onus is on society to maintain a means of operating them that does not rely on digital controls, Fry and Hodgson write. In many cases, that means preserving an older generation of analog infrastructure and management systems that could be manually operated, The Security Ledger reports. From their article: "In the case of communications, for instance, what is required is the preservation of a base core of copper-enabled connectivity, and the perpetuation of skills and equipment parts to make analog telephones work. Today, we see a move to decommission the copper-wire infrastructure. From a pure business standpoint, decommissioning copper is the right thing to do; but from a public-safety and homeland security perspective, we should reconsider. Decommissioning copper increases homeland security risk, because failover planning calls simply for relying on another server, router, or data center that is also subject to compromise."
What they want is to go back to to the switch board lady-times.
That ever since the 80s, those copper lines simply plug into a digital phone switch anyway?
Is this the best we can do? Rely on economically obsolete systems as a backup for cyberattacks?
Cyberpunk to counter Cyber attacks!
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
Faraday cage, buried 6 feet under will protect many electronics.
What, you want to use it?
While controlled normally over the Internet, this are still pumps and other powerful motors.
As long as the power is on (either from the net or from a local backup), they can be operated manually and locally, or at least they should have that option. This way, in case of a cyber attack that somehow cripple the remote control rooms, of course we should go back to basics: send someone over who can pull the network cable, and manually press the "On" switch. The same you'd have to do if you keep old machines around (which normally also rely on electricity being available), but the difference is the need of maintaining two sets of machinery, one set of which is normally not used.
So why that second set of outdated machines? Costs a lot more to maintain than a manual override on the regular machinery.
'The MITRE Corporation, note that critical infrastructure is increasingly run from converged IP (Internet Protocol) based networks that are vulnerable to cyber attack'
Listen up children and I'll tell you the solution. The solution is to not run your critical infrastructure on converged IP based networks. I presume converged is a code-word for 'cloud'. And if the NSA hadn't acted to dilute security on the Internet, these networked devices wouldn't be so easy to attack.
âoeYou'll see things here that look odd, even antiquated to modern eyes, like phones with cords, awkward manual valves, computers that, well, barely deserve the name. It was all designed to operate against an enemy who could infiltrate and disrupt even the most basic computer systems. Galactica is a reminder of a time when we were so frightened by our enemies that we literally looked backward for protection.â
geek. lawyer.
Winter or Cylons are coming. One of those.
Some drink at the fountain of knowledge. Others just gargle.
The base of any system security is not to rely on a monoculture. If all your systems run on Windows using the same hardware, software and firmware version which the creators have long abandoned.
Require that critical systems are modifiable by the end user and can be carried from platform to platform, it's the government after all, they can set the laws and reject any contract from entities that are either too large or don't want to adhere to basic rules of security and risk management.
Custom electronics and digital signage for your business: www.evcircuits.com
Um no, that is not the solution, the solution is to air gap anything you cant afford to have break due to hacking, and hunt down criminal hackers around the world. Treat state sponsored hacking like an act of war, and make sure everyone knows you will respond with devastating force.
Air gapping critical infrastructure should be a federal law, because anything connected can eventually be hacked given enough time and resources.
If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
Going back to the days of stepper relays and carbon-granule microphones would be very expensive, even as a backup-only system. Better to design hardened infrastructure and phase it in, along with duplication and surplus capacity.
Contribute to civilization: ari.aynrand.org/donate
Listen up children and I'll tell you the solution. The solution is to not run your critical infrastructure on converged IP based networks.
The problem is that almost everything today is "critical infrastructure". It's one thing to build a separate network for dams and nuclear power plants if you deem those as critical infrastructure. It's another if you deem our entire telecommunications system as critical infrastructure. Moving that to IP based systems is pretty unavoidable today.
Fast Federal Court and I.T.C. updates
I call bs on copper being required once optical is widespread. And I intend to shoot gold-casing bullets, because in the future your stupid 20th century idea of market valuations mean jack shit.
Let us see to it that the Empire can still run on smoke signals, galley slaves, and Latin.
If you want to prevent a wholesale shutdown of services by hackers then the best way to do that is to disconnect your most vital systems (water, electricity and transportation) from communications networks (the internet).
* The last reason (price) for not using solar+battery almost everywhere is fading fast and we should encourage the proliferation of isolated power systems. With the exception of exotic locations, only businesses should need to have access to the power grid.
* Depending on and funding combative nations to fuel our transportation has been foolish since day one, we need to switch to electric vehicles posthaste.
* Finally, we need to start changing our water systems into closed loop systems to conserve the water we can access to minimize external dependency because the climate is changing.
We have two choices: adapt or die.
Anons need not reply. Questions end with a question mark.
Air gapping critical infrastructure should be a federal law, because anything connected can eventually be hacked given enough time and resources.
At this point it should be obvious that more & more critical infrastructure will be hooked up to networks, including the internet. Even if experts consider that dumb.
Conclusion: good advice won't help, what's needed is casualties. When a cyberattack takes out large parts of the power grid, or causes a chemical plant to blow up, and people actually DIE as a result, THEN maybe air-gapping will be looked at in a different light. Until then, prepare for cyberattacks to have worse & worse real life effects.
Legacy systems will quickly become obsolete, as their stagnating performance will make them useless for future computing and communication tasks. Sure you can have a working 300 baud modem, but what would you do with it on today's internet and industrial control systems? Servers will probably time out trying to deliver a web page through it. In the world where Moore's law reigns, retiring older technologies only makes sense.
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
Our society cannot function on steampunk technology - if it did it would be a different society, no matter how alluring the aesthetic.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
NUKE EM NOW!
I remember watching Hackers for the first time back in the mid '90s, and my suspension of disbelief couldn't get past all the things depicted as being hooked up to the internet. Apparently, some other fuckers were watching it, and thinking it was a great idea.
Mark my words, Hollywood probably got killer robots right too - they're just wrong on the date.
---
DRM is like antifreeze, to the MPAA/RIAA it's sweet, to the consumers it's poison.
Seriously. I didn't know telecommunications networks use pneumatic pumps used to pump water. What function could they possibly have in a telecommunication network? Oh... Pneumatic pumps pump water as a hedge against global disruption resulting from a cyber attack on critical infrastructure. Pumps. What can't they do?
"And humans have yet to design a digital system that cannot be compromised"
My network connected digital systems have been attacked by paid for black hats on several occasions and not a single one has been able to hack, crack or otherwise thwart my security.
So perhaps I'm not human....
Perhaps those companies out there need to spend some money on security and people who know security, perhaps then they would have systems that were safe but of course we all know security costs money which is why so many of these systems are breakable.
Are you trying to say that Cylones stole the election from Bernie, anointed the Hilldog, and killed Seth Rich to cover it up? Then still lost due to Wikileaks/Trump anyway, and therefore tried to blame it on the Fake Russia Hack story?
Interesting theory, and actually more plausible compared to what the MSM is putting out now.
One good EMP will take down the copper connections quite nicely. But, then, the power to make the controls driven by the copper connections work will be as gone as that for the FIOS or other connections.
{^_^}
Telcos have been actively pushing residential customers off of copper wire and onto VOIP, and making ENORMOUS savings on their costs - but continuing to charge the rates that used to pay for copper landlines. The only savings to the customer is free long-distance, which costs practically nothing for the telcos to provide.
And yet, when the power goes out, so does my VOIP phone line, provided by the local telephone company. I've got a UPS to power the phone router, but apparently there isn't one at the telco switch. So when power goes out, so do the "landline" phones, AND the cell system (which is ALSO powered by the electric utility).
I really ought to buy a new HAM radio, since I used to be an ARES operator. Because in a widespread power outage. that might be the only communications link.
IBM 704 and IBM 1401 - both are decimal/BCD systems able to operate on variable length values. Suitable for accurate financial calculations and about 60 years old. The transistor-diode logic in the 1401 tends to be pretty robust but very inefficient for power.
The same can't be said about z/OS based systems and it's predecessors (OS/390 and MVS). There have been known vulns in these otherwise super reliable mainframe systems. All those i-series, S/390, S/370 and S/360 systems that we use in critical systems are not necessarily as hacker-proof as we've assumed for the last five decades.
It will never happen,at least not in USA, who would pay the costs ?
Certainly not the com's firms,unless they get government grants to do so.
Utility owners won't,cos it costs,so same problem,money..
Lots of those now connected systems should never have been connected to anything more complex than an old analogue phone !!
Ape shit (especially flung)
Putin (and cronies)
Trump (all things)
Republican (nearly all)
Fox News (excluding Smith/Cavuto)
Alt-right things (need I say more)
In this case, "critical" means "urban."
Densely populated cities rely quite a bit on automation, facilitated by modern communication networks. Urban areas have a high population density. They are designated critical because they have more people per square mile than Billings, Montana.
If you live in NYC or LA, please explain why Billings, MT should care if you drown in your own sewage because your WiFi is down.
Potato chips are a by-yourself food.
A corrupt capitalist government would allow the most clout to do work on a new infrastructure, even if it wasn't used, it is an easy way to make money, despite the government mandated 5x9s reliability on old Plain Old Telephone Service (POTS). Hopefully 911 doesn't switch completely away... it is best to not receive "Can you hear me now?" when calling 911.
If we're going to add in the additional cost of preserving and maintaining the old systems that the new systems replaced, isn't it better to just use the old systems and save money by totally ditching the new ones?
Cool... just like in that Monty Python's movie "Brazil". Give a new meaning (or rather, very old one) to "data packets".
> My perspective... (Score:-1, Troll)
(S)he is not a troll, (s)he is likely an astronaut or cosmonaut writing from the ISS. For manned space vehicles, potable water is created by filtering the crew's urine because there is no other available source.
Years ago, in my first job, I worked in a steel factory on control systems. They had a "gas plant" heated coal to extract coal gas for use elsewhere in the factory, which was a potentially hazardous environment, to put it politely. Despite the fire risk from the gas, they had to have electronic CO sensors for safety and to measure the gas quality, but those were designed to be safe in that environment. Beyond that, there were no electronics in the plant, nothing that could cause a spark. The control systems for the plant itself were all pneumatic, and were pretty amazing in retrospect. I'm talking full proportional (PID) control, not just on-off switching. You had pneumatic actuators which were like pneumatic transistors: a tiny pressure controlling a hefty valve that controlled large gas flows precisely.
(this is not a
There's a thing, called a data diode... you have wild open internet on one side, and a safe network on the other.... data can only EXIT to the internet, and never enter... protected by the laws of physics themselves. You can monitor all you want, but never control, from the internet. These are the types of things we need to allow remote monitoring of stuff.
Yes, truly redundant systems should be kept in place... the FAA is phasing out a ton of VOR stations... but at least they've had the sense to keep a minimal network around (directly contradicting what I thought a few minute of googling ago).
I thought the DoD insisted that we keep the copper infrastructure in place as a fallback. Is that imperilled? Is that why they wanted MITRE (who work for them) to publish this?
Converged in this context means the only protocol is IP. No ATM, IPX, GSM or custom management protocol. Just IP for all traffic. Probably not even with separate management interfaces - just a vlan.
I expect we will see more and more of the approach taken by some medical devices, where the software (vulnerable) controls are limited by analog failsafes in the machinery. Due in part to the Therac-25 incident. "Just airgap it" is an inadequate solution in many cases, or even more expensive than maintaining analog backups.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
If it was frozen right now, it wouldn't be sufficient, and they can't walk backwards.
This was intended as propaganda, but there is truth behind it. There is some degree of fear, because there is a potential risk, a threat with some level of viability.
They didn't grow up in the 60's or 80's. They were alive, and their brains were operating at some primitive level, but they didn't grok the input, and they didn't grok the required response. They didn't get it then, and don't get it now.
If they wanted to, they could go look at Mosul. What is "quality of life" there? Does copper tubes and pneumatics do those folks much good? There are more fundamental fundamentals than does the grocery store door open. A truly heterogenous architecture, a diversified portfolio, is resistant to a single breed of disturbance or load. Copper is too simple.
http://www.excitingip.com/743/network-convergence/
I'd just have to relearn how to set IRQ's, comm ports, AT commands...but I'd get the joy of hearing that modem sound again.
So there are 2 options:
1) Harden general purpose networks physically and service-wise with generators and redundant paths.
2) Create a parallel network for government, water, electricity, rail, flight and emergency services. To truly "hedge against the growing threat of global disruption", it'll have to be hardened, as described in option 1.
No-one's claimed it is impossible, so this is a failure to build the required the "digital system": Yay, capitalism.
Remember, the main reason for copper POTS being so reliable, was legislation. In the USA, mobile data services have little legislation so it is not surprising that "civilization-sustaining functions now susceptible to attack".
by Mutual Assured Hacking.
And definitely don't plug everything into a social media virtual world.
It is important to keep in mind - humans have yet to design an analog system that cannot be compromised.
Kevin Costner and Jeanne Tripplehorn, on the double!
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
... because the current one is trashed out.
Once business got their fucking tentacles snaking across the infrastructure, shit went downhill.
Tor is a failed attempt, but it's a good try.
It little behooves the best of us to comment on the rest of us.
the worst crime is converting nuke power plants from electro mechanical protective relays to easily hackable microprocessor based electronic relays like the GE Multilins. I installed Multilins in a missile defense power plant and had to call the FBI with a warning "do not connect Multilins to the internet". The stupid military didn't care.. Caveat emptor.
someone finds a faster, better way to cram signals and power down it.
aside from those companies making significant money recycling the copper they pull from buildings during renovation, and of course sellers of new fiber hardware, who benefits from tearing out a few lines that aren't in anyone's way?
existing equipment is basically being kept alive by cannibalizing the unused machines installed in the 1990s for spare cards. there are no analog phones being made any more, it's all chip on board stuff, the 5xx series type of phones are almost 40 years past production.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Invest money in maintaining old infrastructure, or invest money in security? Hmm, hard choice.