The hack itself is trivial: an intrepid individual discovered that electronic road signs shared a common default password. The good news is; that the default password would have been discovered and publicized years ago if the systems were connected to the internet. They were only left alone or overlooked, for years because very few people had the initiative or twisted interest, to walk up to one of the signs and attempt what is essentially a simple dictionary attack against the authentication mechanism.
Without the motivation and justification of protecting installations from sustained and multiple attack, engineers saw no reason to improve the security of their systems. Following the threat response reasoning, that defense is only required where attack is likely or where expenditure restrictions veto and supress security issues. (Discuss!) You could also argue that the lack of protection in certain areas forms part of the overall strategy of the threat and those that threaten.
It seems that everyone laughed off the hack as a simple prank, but failed to consider the serious implications and security problems that exist in systems that are legacy-based, semi-automated and semi-attached to the National grid.
There are a large class of systems that are semi-attached to the grid and they also have similar security problems and vulnerabilities. Known as SCADA (Supervisory Control And Data Acquisition) Systems, these computers are responsible for controlling electro-mechanical devices and physical plant as found in nuclear reactors and oil refineries.
Many of these systems were deployed years ago in simpler times, well before the information security industry fully understood code quality problems and how they can be and would be, exploited by attackers. These systems are only safe from exploitation for as long as you can guarantee a substantial air-gap or secure firewall between the control network and anything a human being can touch.
Serious Vulnerabilities
Spies and government sponsored hackers have already been probing the U.S. electrical grid for months and planting software that is intended to be activated at a future date, according to a Wall Street Journal. The report highlights the latest non-physical, indirect threats and vulnerabilities facing the U.S. power infrastructure.
The Journal notes that the spies are from China, Russia and other countries who are more openly threatening. While the news is very disturbing, it isn’t all that surprising. The vulnerabilities of the U.S. infrastructure are well documented. It is also notable that the electrical grids were initially thought to be somewhat hacker proof, until recently. Why? because the grids run on old legacy software, which is often proprietary. This it turns out is its greatest weakness, along with apathy and complacency.
The barbarians are not at the door but they may have remote access to your infrastructure and life support systems! Prepare to repel boarders!
No comments:
Post a Comment