Foreign hackers targeted U.S. water plant in apparent malicious cyber attack

Started by Zeitgeist, November 18, 2011, 10:26:49 PM


Zeitgeist

http://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html

The story goes on to stress that it isn't conclusive the attack was an Internet-based attack. All the same, I'm wracking my brain trying to come up with a plausible reason what the utility of having city water plant systems even accessible via the Internet would be.

So employees can monitor the plant from home?

I do understand that the plant would be managed by a network of computer systems. But that doesn't require a virtual door to networks outside its purview, namely the World Wide Web. And any such internal system should be disconnected from any administrative/clerical system that would exist, i.e. e-mail and such.

If there is no physical path to a system, an external threat such as a cyber attack becomes moot, no?

Missy

Link your controls to the internet and you can give it commands from an off-site location such as say a regional HQ. Then you only have to pay manpower to run the HQ and only need to send maintenance crew when something appears to be wrong. You would spend less money. At least that's one possible explanation.

Zeitgeist

Quote from: MCsc on November 18, 2011, 10:50:26 PM
Link your controls to the internet and you can give it commands from an off-site location such as say a regional HQ. Then you only have to pay manpower to run the HQ and only need to send maintenance crew when something appears to be wrong. You would spend less money. At least that's one possible explanation.

I suppose so, yes. Could conceptually loop in two or more stations on their own physical and separate network, yet the practicality of that might be in question given the size of the city and resources.

Vekseid

Quote from: Zeitgeist on November 18, 2011, 11:00:49 PM
I suppose so, yes. Could conceptually loop in two or more stations on their own physical and separate network, yet the practicality of that might be in question given the size of the city and resources.

They could have been on separate networks. If they weren't fully segregated, however, all an attacker needs is to gain control of a machine that's connected to both.


Oniya

So - a computer in the plant that happened to be logged into the intranet as well as connected to an outside site (someone surfing Facebook at work, or similar)?

Vekseid

Just a machine that has access to both the intranet and the Internet in some fashion, there's no reason for even a specific website to be accessed if someone is dumb enough to open any attachment that gets sent their way, for example.
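The segregation point made in the posts above, as an added example that is not part of the original thread: a defender's audit that treats network zones as nodes and any host with interfaces on two zones as an edge, then checks whether a chain of such hosts links the Internet to the control network. The host names, zone names and inventory are constructed for illustration.

```python
from collections import deque

# Constructed inventory (not from the thread): host -> zones it has an interface on.
INVENTORY = {
    "hmi-01":     {"control"},
    "plc-gw":     {"control"},
    "historian":  {"control", "office"},    # dual-homed: bridges control and office
    "clerk-pc":   {"office", "internet"},   # office desktop with e-mail/web access
    "mail-relay": {"office", "internet"},
}

def dual_homed(inventory):
    """Hosts attached to more than one zone; each is a potential bridge."""
    return sorted(h for h, zones in inventory.items() if len(zones) > 1)

def bridging_path(inventory, src, dst):
    """Shortest chain of (host, from_zone, to_zone) hops linking src to dst.

    Returns None when no chain of multi-homed hosts connects the two zones,
    i.e. when the zones are actually segregated in this inventory.
    """
    queue = deque([(src, [])])
    seen = {src}
    while queue:
        zone, path = queue.popleft()
        if zone == dst:
            return path
        for host in sorted(inventory):
            zones = inventory[host]
            if zone not in zones:
                continue
            for nxt in sorted(zones - {zone}):
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, path + [(host, zone, nxt)]))
    return None

if __name__ == "__main__":
    print("dual-homed hosts:", dual_homed(INVENTORY))
    path = bridging_path(INVENTORY, "internet", "control")
    if path is None:
        print("control zone is not reachable from the internet zone")
    else:
        for host, a, b in path:
            print(f"{a} -> {b} via {host}")
```

In the constructed inventory no single machine touches both the Internet and the control network, yet the audit still finds a two-hop chain through the office network; removing the historian's office interface is what breaks it.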

Izu

-didn't have time to read the article- But it sounds like the Stuxnet case. I guess the 'Cold War' of our century will be actually a 'Cyber War' >.>


Zeitgeist

Quote from: Vekseid on November 19, 2011, 02:58:07 AM
Just a machine that has access to both the intranet and the Internet in some fashion, there's no reason for even a specific website to be accessed if someone is dumb enough to open any attachment that gets sent their way, for example.

Indeed, if someone introduced a virus to a particular network, it doesn't matter if it's a separate network. Only training and accountability can fix that.

Managing multiple sites, sites that are on closed and separate networks, would be problematic without having them accessible via the Internet. If you're going to make sensitive sites reachable from remote locations, VPN (Virtual Private Network) would be a requirement, I would imagine.

But really, the only sure way to secure it would be to keep it off the Internet and otherwise inaccessible from any other network that is connected to the Internet. Because someone, eventually, will figure out a way to hack through.

Izu

Well... if you ask me as long as anything is in any sort of network it's not secured. Theoretically they can design a virus that would hit the local electric power central, overload it and make it send too big of electric signals that could shut down everything, burn wires, etc. I'm telling you from now on we'll be hearing of some huge hack hits. As I said - it's a lot cheaper and safer to lead a war (political, industry, or whatever) from a laptop somewhere far away than sending troops to death or doing other more expensive tricks to ruin your competition.

Zeitgeist

Quote from: Izu on November 19, 2011, 11:01:28 AM
Well... if you ask me as long as anything is in any sort of network it's not secured. Theoretically they can design a virus that would hit the local electric power central, overload it and make it send too big of electric signals that could shut down everything, burn wires, etc. I'm telling you from now on we'll be hearing of some huge hack hits. As I said - it's a lot cheaper and safer to lead a war (political, industry, or whatever) from a laptop somewhere far away than sending troops to death or doing other more expensive tricks to ruin your competition.

Sure, but by that measure anything plugged in is insecure, including your refrigerator :P

You're absolutely right though about the means. Be it box cutters or the now ubiquitous laptop and wireless connection, it doesn't take a whole lot.

Oniya

Quote from: Vekseid on November 19, 2011, 02:58:07 AM
Just a machine that has access to both the intranet and the Internet in some fashion, there's no reason for even a specific website to be accessed if someone is dumb enough to open any attachment that gets sent their way, for example.

I would assume that would involve a connection to whatever non-work email site they use while on the work machine, even if that wasn't concurrent with the cyber-attack, to open said attachment.

Caehlim

Chances are the city water supply network was designed twenty or so years ago, with piecemeal upgrades of various parts of the infrastructure and several attempts to overhaul the whole system that had to deal with hundreds of compatibility issues between the physical structure and the software. Plus the software they were using was probably designed for a similar but not identical system somewhere else.

I'm not saying your suggestion is invalid, but implementing it in the real world would A) cost lots, B) probably take the system offline temporarily for the upgrade and C) probably never actually be subjected to an attack requiring that level of security. All three are vote losers so democratic governments will never go for it outside of essential military systems.

Finally, there's always the possibility that this was an inside job and some employee somewhere in the network facilitated the link to the outside world.

Izu

Hell, yeah! Especially those new high-tech fridges. I think there are some with hi-fi already. >.>


Caehlim

Didn't they just bring out the even more expensive, high tech line of retro-fridges that INTENTIONALLY don't have hi-fi and thus cost thousands of dollars?

(I kid... sort of. Hearing about this in the real world wouldn't actually surprise me though).