First real-world SCADA attack in US

Jay Ashworth jra at baylink.com
Tue Nov 22 04:16:14 UTC 2011


----- Original Message -----
> From: "Jimmy Hess" <mysidia at gmail.com>

> On Mon, Nov 21, 2011 at 3:35 PM, Mark Radabaugh <mark at amplex.net>
> wrote:
> > On 11/21/11 10:32 AM, Jay Ashworth wrote:
> > education / resource issue. The existing methods that have been used for
> > years with reasonable success in the IT industry can 'fix' this
> > problem.

Careful with the attribution; you're quoting Mark, not me.

> The weakness of typical IT security is probably OK, when the only danger of compromise
> is that an intruder might get some sensitive information, or IT might need to go to the tapes.
> 
> That just won't do, when the result of compromise is, industrial equipment
> is forced outside
> of safe parameters, resulting in deaths, or a city's water supply is shut down,
> resulting in deaths.

(72 character hard wrap... please.)

> Hard perimeter and mushy interior with OS updates just to address
> known issues, and malware scanners to "try and catch" things just won't do.

Precisely.  The case in point example these days is traffic light controllers.

I know from traffic light controllers; when I was a kid, that was my dad's
beat for the City of Boston.  Being a geeky kid, I drilled the guys in the
signal shop, the few times I got to go there (Saturdays, and such).

The old design for traffic signal controllers was that the relays that drove
each signal/group were electrically interlocked: the relay that made N/S able 
to engage its greens *got its power from* the relay that made E/W red; if there
wasn't a red there, you *couldn't* make the other direction green.

These days, I'm not sure that's still true: I can *see* the signal change
propagate across a row of 5 LED signals from one end to the other.  Since I 
don't think the speed of electricity is slow enough to do that (it's probably 
on the order of 5ms light to light), I have to assume that it's processor delay
as the processor runs a display list to turn on output transistors that drive
the LED light heads.

That implies to me that it is *physically* possible to get opposing greens
(which we refer to, in technical terms, as "traffic fatalities") out of the
controller box... in exactly the same way that it didn't used to be.

That's unsettling enough that I'm going to go hunt down a signal mechanic
and ask.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274



