Announcement

Collapse
No announcement yet.

OT pipeline fiasco

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OT pipeline fiasco

    The latest failure of the fuel pipeline in the USA demonstrates the stupidity of relying on the world wide web for anything important. It would have cost a little more to run secure communications along the length of the pipeline completely self contained.
    When I was working, my firm had loads of PC's all connected to the internet, people used to send each other messages which over a few yards were simply unneccessary and the system was eventually hit by some hacker, which shut everything down for a while. I could not understand why they didn't have a few independent computers connected to the internet and the rest networked internally and not connected to the internet. Very few people actually needed to have outside connections.

  • #2
    Agree. But its much cheaper to use the WWW, they need to really step up Security and this they have been told for years and years.
    Retired - Journeyman Refrigeration Pipefitter - Master Electrician - Fine Line Automation CNC 4x4 Router

    Comment


    • #3
      Originally posted by old mart View Post
      It would have cost a little more to run secure communications along the length of the pipeline completely self contained.
      I'm not an expert on pipe line communication security, but would guess relying on a wire along the side the pipeline for thousands of miles would carry its own risks.
      in Toronto Ontario - where are you?

      Comment


      • #4
        Wait until the lights go out in the middle of winter! Oh, wait that already happened!

        Comment


        • #5
          Originally posted by barracudajoe View Post
          Wait until the lights go out in the middle of winter! Oh, wait that already happened!
          Yep.... in the house where electricity is required for anything and everything to work....... No lights, no heat, no cooking, everyone just has to bail to the shelter and let the thieves have what's in the house.
          2730

          Keep eye on ball.
          Hashim Khan


          It's just a box of rain, I don't know who put it there.

          Comment


          • #6
            I worked in data security for a major power utility back in the late 1990s, and even then it was known to be vital that you separate the working parts of your company from the administrative parts. This was especially true of networks for SCADA (Supervisory Control and Data Acquisition) purposes as used by power and gas companies.

            But.... It's way too easy for the network folks to garner fat bonuses by convincing management that a VLAN (local) or VPN (remote) are the same as an encrypted private line, or secured network. That saves a whole bunch of money, at least in the short term.

            For the last 10 to 15 years the government has been sending notices to the power companies telling them that they need to secure their SCADA networks, even going so far as to identify specific SCADA equipment with security flaws. They have largely been ignored. I doubt that will change until more companies follow the lead of AXA, an European insurer who announced that they will no longer cover ransomware reimbursements. ( https://www.zdnet.com/article/axa-pl...mware-victims/ )

            Dan
            At the end of the project, there is a profound difference between spare parts and left over parts.

            Location: SF East Bay.

            Comment


            • #7
              One would think that there is a strategy which will allow the use of backups to re-establish via copies of the encrypted data in your readable format (whatever that is).

              The obvious issue is the possible existence of previously established malware months before, which can act on ANY recent backup as soon as accessed. The only remedy there is to identify the malware and scrub the backups of the malware before exposure and use, so that the malware is scrubbed before being exposed to the conditions (date, internet access, etc) that trigger it,
              2730

              Keep eye on ball.
              Hashim Khan


              It's just a box of rain, I don't know who put it there.

              Comment


              • #8
                Dr Kathleen Fisher DARPA Program manager High assurance systems. We were warned about this a decade ago, as usual, nothing was done about it.

                https://www.youtube.com/watch?v=3D6jxBDy8k8
                I just need one more tool,just one!

                Comment


                • #9
                  Why do we even need the Internet or any type of centralized control for these types of critical systems. How were they operated before the Internet existed? I'm guessing the Colonial pipeline was in operation pre-internet. Most pipelines have been in service for decades. Yes, that was sarcasm.

                  The truth is that companies have used the internet to get rid of workers that used to operate from many smaller control rooms situated along the pipeline. The same goes for utilites. I work in the hydroelectric industry and know that there are many hydro plants that operate remotely from centralized control rooms. What we are seeing is a monster of our own making. It is telling that Colonial made the statement that smaller branch lines were being operated manually to get them back up. Hmmmm, why not ditch the SCADA altogether and put real humans back in control. No need to worry about hackers. I wonder how many workers the lost revenue would pay for? Keep the computer controls for local monitoring and control, if you feel the need, but let humans make the decisions. Don't connect them to ANY centralized network..
                  Last edited by Bluechips; 05-12-2021, 10:48 PM.

                  Comment


                  • #10
                    Insurance companies cover ransomware losses? How stupid can you get?

                    I am all too familiar with how hard it is to get the computer nerds to do it in any way that is different from their ideas. They are sooooo smart and they know it.



                    Originally posted by danlb View Post
                    I worked in data security for a major power utility back in the late 1990s, and even then it was known to be vital that you separate the working parts of your company from the administrative parts. This was especially true of networks for SCADA (Supervisory Control and Data Acquisition) purposes as used by power and gas companies.

                    But.... It's way too easy for the network folks to garner fat bonuses by convincing management that a VLAN (local) or VPN (remote) are the same as an encrypted private line, or secured network. That saves a whole bunch of money, at least in the short term.

                    For the last 10 to 15 years the government has been sending notices to the power companies telling them that they need to secure their SCADA networks, even going so far as to identify specific SCADA equipment with security flaws. They have largely been ignored. I doubt that will change until more companies follow the lead of AXA, an European insurer who announced that they will no longer cover ransomware reimbursements. ( https://www.zdnet.com/article/axa-pl...mware-victims/ )

                    Dan
                    Paul A.
                    SE Texas

                    And if you look REAL close at an analog signal,
                    You will find that it has discrete steps.

                    Comment


                    • #11
                      You get the same problem either way. Humans.

                      In almost every instance of hacking, there was a human involved other than the hackers. Someone did something, or failed to do something, based on some situation the hackers set up to "socially engineer" that response.

                      If humans actually operate the controls, then they are vulnerable to fake orders. And if the orders are not in the right format, then a good manipulator can get around that by claiming a circumstance that demands the action, and basically browbeating the operator to "get busy and do what I say if you do not want to be responsible for an entire school full of kids burning up" or some such thing. Social engineering again, just at a different level and operating in a different pattern.

                      In any case, one reference said that the actual pipeline controls were not attacked, but rather something on the "business side" was attacked. It was not clear if that was the path in, or if that was actually the part attacked.

                      But it makes sense that the business side was the actual attack point. If the records of what was moving when and where was fouled up, that would potentially make it not possible to determine if you are delivering diesel, gasoline, or JetA to a particular place. All the controls would be fine, what would be lacking is the precise instructions to send the right product to each destination. You would have to stop operations because you could not make correct deliveries.


                      Originally posted by Paul Alciatore View Post
                      Insurance companies cover ransomware losses? How stupid can you get?

                      I am all too familiar with how hard it is to get the computer nerds to do it in any way that is different from their ideas. They are sooooo smart and they know it.
                      And with regard to actually setting up the HMI, or determining which approach to take to a problem like security, many of them are affected by the Dunning-Kruger effect.


                      Last edited by J Tiers; 05-12-2021, 11:45 PM.
                      2730

                      Keep eye on ball.
                      Hashim Khan


                      It's just a box of rain, I don't know who put it there.

                      Comment


                      • #12
                        It would be a lie for me to say that I've worried about this kind of thing ever since I started working in the electronic field, but not a very big one. Long ago I avoided getting into computers, since I didn't want to be a part of the coming fiascos, the total reliance on electronics for what has become vital to our very survival in many cases. I could see it coming- including the robot putting people out of work- and it never sat well in my mind. That is the real reason I didn't fancy a career in computers. I stuck to audio and television, appliances- but now you can't even make coffee without a computer.

                        Of course I do have my own computers now and use them everyday- the desktops, in my vehicles, but I do feel quite at risk. I like the world-wide connectivity we have now, and there are other positives- but I still feel like there's a time bomb ready to explode on us all. A big enough solar flare could interfere with your home systems, lock you out of your bank account- the damage you could be potentially exposed to has few limits. You can't cut firewood with a laptop or cellphone (although you could possibly light the fire with one)
                        I seldom do anything within the scope of logical reason and calculated cost/benefit, etc- I'm following my passion-

                        Comment


                        • #13
                          as wierdscience and others said above, we have not heeded various warnings over the years and will continue to suffer the consequences. The possible consequences to the electrical grid and to municipal water supply systems are in the same vulnerable state, a gruesome example is what happened in Texas this winter, and that was not caused by hackers. I suppose one can judge the amount of concern about important issues by looking at the network news, happy kitten rescues get more airtime than what I would think are stories that should be hammered into our collective consciousness. (oh and just for the record, I don't rely on the news for my info about anything other than happy kitty rescues...) Jim

                          Comment


                          • #14
                            One book wonder on the Colonial pipeline, however what I remember. On the front end many refineries feed the pipe. On the delivery end buyers in many locations draw from the pipe. Pipeline itself does not own the product they are paid for transportation . Buyer is not actually buying same product the refinery delivered It’s same grade and volume though. Pipelines Computer system keeps track & sends the data to buyer & seller to confirm the deal & money changes hands Further complication several types and grades of products transported.

                            Seems to me it’s a natural for dedicated information system NOT linked to the internet. The government tacks on a lot to fuel cost, add a penny per gallon & secure the system

                            Boats

                            Comment


                            • #15
                              Originally posted by J Tiers View Post
                              You get the same problem either way. Humans.

                              In almost every instance of hacking, there was a human involved other than the hackers. Someone did something, or failed to do something, based on some situation the hackers set up to "socially engineer" that response.

                              If humans actually operate the controls, then they are vulnerable to fake orders. And if the orders are not in the right format, then a good manipulator can get around that by claiming a circumstance that demands the action, and basically browbeating the operator to "get busy and do what I say if you do not want to be responsible for an entire school full of kids burning up" or some such thing. Social engineering again, just at a different level and operating in a different pattern.
                              In this day and age, no physical input is required to take control of a system by persons in contact with it. Like Dr Fisher mentioned in her talk, there is no longer a need for an attacker to have physical contact with the system and no need for an inside man or even human error. Those operating the system can be totally unaware that anything is wrong. Who wrote the firmware, or what was in the latest software update becomes a valid question however.

                              When negative changes occur in any system, the first action in reversing the trend is to look for what changed and when. Before we had web based control systems, we had manual operators, who while not perfect, did not arbitrarily shut the whole system down for no good reason. What we have now, is a pipeline operator who is or was about to be locked out of their own system, by people out of reach, and apparently no backup in place for a manual override.

                              The better system would be semi-automatic normal operation, with experienced human operators capable of a manual override (what we had for decades prior). That coupled with an air gap ( there is no reason for a VFD on a pump or a valve actuator to be coupled to the internet) we could have access to the control system, but not actual access to the controls themselves via a network and have a better, more secure system than what we have now.


                              I just need one more tool,just one!

                              Comment

                              Working...
                              X