2011 November

Various Musings about the recent Water Plant Hack

  • Jonathan Pollet Why would Russian hackers want to burn up a water plant pump? We all knew the capabilities existed.. but.. What is the motivation? 1 day ago
    • Stacy Bresler Great question…something I have been recently asking the community in general related to various ICS attack scenarios, water plants included. It seems we often jump to the attack vector analysis and solutions leaving the questions about motivation unanswered or, at least, in the wings of the overall discussions. 1 day ago
    • Darin Dutcher Agreed that it is a good question, but I think there are more categorically distilled questions that can be asked about threat actors and motivations in relation to this target. 1 day ago
    • Stacy Bresler Absolutely! There is no shortage of questions to be asked :) 1 day ago
    • Peter H. Hu We may never know the true motivation behind the hack. However, we can attempt to deter their attacks by planning a security model around their potential motivations. The C.R.I.M.E. model is a good one that comes to mind. Possible Motivators: Compromise, Revenge, Ideology, Monetary, Ego. 1 day ago
    • Alan Rivaldo My response in a haiku — A motivation | Is not the relevant thing | The end result is. 1 day ago
    • Alex Domshlak I guess that Russian hackers have no specific interests in Springfield, Ill. From my perspective it looks like a kind of proof of concept. 23 hours ago
    • Eric Gallant Probably just a target of opportunity. A system on the public Internet using off-the-shelf software; easy pickings. Also, as in nearly every cyber attack, the question of attribution is a difficult one to pin down conclusively. Sure they used Russian IPs. But who’s to say that means they are actually Russian or even in Russia? 10 hours ago
    • Jonathan Pollet All excellent responses. I agree that SCADA systems available from the Internet, created with COTS software and running on Windows machines, are VERY juicy targets. I also think that it was a proof of concept…hopefully all of these incidents are a wake-up call to asset owners. 10 hours ago
    • Ron Southworth So let’s assume that this media news item is real. How do you secure a SCADA system that has been installed to provide a service to 2200 people given that the place is only held together by chewing gum and good luck? Such a place is usually operated by the police chief and the mayor or similar community officials. Believe it or not there are about 1000 water utilities in N America that are exactly the same or in a worse position. Is the local PUC going to approve the expenditure to secure such a system? 7 hours ago
    • Kelvin Rundle I am not convinced that COTS on Windows makes a target any easier or harder to attack than alternatives. I agree with Ron, small SCADA system operators have neither the resources nor the budgets to get the help needed to protect these systems, whether they be in the USA or Australia. 6 hours ago
    • Jonathan Bays Motive is a good question but in trying to assess the motive let’s not get hung up on it having to be Russian or Chinese interests just because the more easily traced C&C server appears to be located there. There are so many pirated win machines in both countries that anyone from anywhere could be using them.

Barnaby Jack showcases how medical devices are vulnerable to embedded device hacking

At this year’s Hacker Halted conference in Miami, I was in the audience while my friend Barnaby Jack conducted a live hacking demonstration using 900 MHz RF and an insulin pump. During the first part of his presentation, he went into great detail describing how he reversed the embedded device firmware and discovered the vulnerabilities that allowed him to send START/STOP/SUSPEND/DUMP ALL INSULIN commands to the pump without any knowledge of the device serial number or PIN.

The presentation and demonstration were a moment of awakening for many in the audience who were not aware of how prevalent embedded devices are in our society, or how they can be utilized in ways the manufacturer did not intend.
