OT: A fun little piece of malware.....

  • OT: A fun little piece of malware.....

    Just kids playing around on the internet, right?

    https://www.technologyreview.com/s/6...riton-malware/
    1601

    Keep eye on ball.
    Hashim Khan

  • #2
    The only solution I can see for that is anything hooked up to the internet should be read only. If you don't want your
    machines messed with you should have an in house Station that controls the equip but is not networked. Depending on
    the importance of the equipment, it might be a necessary inconvenience.

    If somebody can get in, anybody can get in.
    John Titor, when are you.



    • #3
      Oh Jerry.... ;(

      You do know you made a header called malware and proceeded to post a link to who knows where.

      And I sure as hell will not go to that link

      It's just a coincidence. Funny though JR
      My old yahoo group. Bridgeport Mill Group

      https://groups.yahoo.com/neo/groups/...port_mill/info



      • #4
        The link is to an article........

        Originally posted by JRouche
        Oh Jerry.... ;(

        You do know you made a header called malware and proceeded to post a link to who knows where.

        And I sure as hell will not go to that link

        It's just a coincidence. Funny though JR
        Yeah, it goes right to my server, and I have set that up to inject malware into your computer until it leaks out the screen...... LOL.....

        Technology review is a legit place...... has been up to now, at least.... Who knows what evil lurks in the hearts of men? The shadow knows........
        Last edited by J Tiers; 03-08-2019, 01:19 AM.
        1601

        Keep eye on ball.
        Hashim Khan



        • #5
          If you connect it to the internet you gotta expect problems.
          Andy



          • #6
            At what point will people (companies and governments) wise up and air gap anything that is critical and can or will be targeted by thieves and terrorists?
            The shortest distance between two points is a circle of infinite diameter.

            Bluewater Model Engineering Society at https://sites.google.com/site/bluewatermes/

            Southwestern Ontario. Canada



            • #7
              Having worked on critical systems all I can say is that they broke several rules: 1) air gap the critical system. This means that the system running the critical software doesn't connect to an external system. 2) No one brings anything foreign in contact with the system - no USB sticks, no CDs found in the parking lot, etc. We found that disabling the USB on non-servers helped a lot (supergluing in a plug was a favorite) in reducing temptation.

              Doing both of those resulted in clean systems even when they were being actively targeted. I would think those actions should be considered for a lot of industrial process systems.



              • #8
                Originally posted by rkepler
                Having worked on critical systems all I can say is that they broke several rules: 1) air gap the critical system. This means that the system running the critical software doesn't connect to an external system. 2) No one brings anything foreign in contact with the system - no USB sticks, no CDs found in the parking lot, etc. We found that disabling the USB on non-servers helped a lot (supergluing in a plug was a favorite) in reducing temptation.

                Doing both of those resulted in clean systems even when they were being actively targeted. I would think those actions should be considered for a lot of industrial process systems.
                Of course, those things, while they work, also totally destroy one big reason for having connection..... which is the ability to operate and monitor remotely. That is the main reason for having connected systems in the electric grid. If you are not going to connect connected systems, then you may as well stay with the 1950's era equipment.

                You just cannot do anything remotely without having the possibility of bad actors breaking into the system and screwing it up. SO your choice is to do the remote stuff, and accept that someone can destroy your system and cost you a lot of money and time, or stick with the old system, which will cost a lot of money and time and not work as well.

                Not a great set of options.
                1601

                Keep eye on ball.
                Hashim Khan



                • #9
                  IMHO, security systems of the critical facilities must never be able to connect to Internet or any systems that had any Internet exposure directly or indirectly.

                  But, frankly, it's less costly and much more beneficial to stop being politically correct and start physically eliminating putins of the world. This will greatly diminish or fully eliminate the state sponsored terrorism in addition to getting other benefits. Naturally, it doesn't eliminate need for security improvements anyway.

                  We have a very short memory. Timely physical elimination of Adolf and his friends would save millions of people around the globe. Instead, they danced with him. The same is happening with Putin and those like him now. Do we really want to rebuild bomb shelters, invest additional billions of dollars into our military capacity, spend a fortune on security issues yet continue worrying? You don't try to convince a rabid dog not to bite people. You kill it.
                  Last edited by MichaelP; 03-09-2019, 02:34 AM.
                  Mike
                  WI/IL border, USA



                  • #10
                    One example of benefits and drive to inter-connectivity is with power generation. There are multiple connected generation systems, distribution systems and demand. With increasing use of wind and solar power generation it also becomes more important to respond in real time to changes. The Southwest Power Pool that we're a part of here is one example. Besides just sufficient generation, it's also trying to maintain the lowest cost by bringing higher cost producers on line later, but also modified by the characteristics of the producers such as the fact that coal turbine plants might take a long time to bring up and can't easily be shut down completely.

                    For interest you can go look at their website showing characteristics of the grid in real time - usage, costs of producers, etc. One interesting facet is that wind power, while one of the lowest cost when available, can sometimes slip into negative costs. How come? Well, since many have gotten subsidies to encourage development, in some conditions the subsidies are greater than actual production costs.

                    They're also acutely aware of the importance of security and our government issues requirements and penalties for non-conformance. $1M per day I'm told and Duke Energy was fined $8M sometime back. Among security systems are USB drives that can be erased remotely if they're somehow lost. I'm curious how they do that, but I suppose that's proprietary as well. And part of the continuing security testing and education is that employees are also sent bait emails, where clicking on them actually takes them to an education site and locks their access temporarily.

                    It's an impressive system but I'm sure the challenges are impressive too.
                    .
                    "People will occasionally stumble over the truth, but most of the time they will pick themselves up and carry on" : Winston Churchill



                    • #11
                      Originally posted by J Tiers
                      Of course, those things, while they work, also totally destroy one big reason for having connection..... which is the ability to operate and monitor remotely. That is the main reason for having connected systems in the electric grid. If you are not going to connect connected systems, then you may as well stay with the 1950's era equipment.

                      You just cannot do anything remotely without having the possibility of bad actors breaking into the system and screwing it up. SO your choice is to do the remote stuff, and accept that someone can destroy your system and cost you a lot of money and time, or stick with the old system, which will cost a lot of money and time and not work as well.

                      Not a great set of options.
                      Internet is not the only choice for operating and monitoring remotely. Microwave links, dedicated phone lines and other means have been used FAR before the Internet became popular. Take a close look at a local electrical substation and you will probably see a tiny microwave dish, same for remote television/radio transmitters, oil pipeline systems..... list goes on forever.



                      • #12
                        Originally posted by Sparky_NY
                        Internet is not the only choice for operating and monitoring remotely. Microwave links, dedicated phone lines and other means have been used FAR before the Internet became popular. Take a close look at a local electrical substation and you will probably see a tiny microwave dish, same for remote television/radio transmitters, oil pipeline systems..... list goes on forever.
                        Those ARE very possibly internet connected..... just not at the point of control.... You do not think they end up somewhere with an internet connection? Probably they do. And so there could be a vulnerability that way. The bad actors in Russia, China, and NK, etc, have time and motivation to find their way into major systems in the US and elsewhere. Then it is "do what we say, when we say it, or back to the stone age you go". Probably a demonstration of destruction of some regional system would come before the demand.

                        Plus, those microwave systems (or wired systems) are not immune to interception and intrusion. They might be more easy to hack, because it is assumed they are not going to be attacked, and they may not be as well protected. The only difference is that the bad actor needs to be in-line with a tower to do the work. But he's gone before anyone is looking for him. Maybe not even a break-in, just dynamite a few towers in the best places.

                        It's not even a question of "if" that will happen, it is a matter of "how soon" it will happen. Every fixed installation is just a target, and has maybe 20 different effective but reasonably simple ways to be attacked. Malware is just easy (relatively), done remotely, can be very destructive, and not easily traceable to a person or even an "agency".
                        Last edited by J Tiers; 03-08-2019, 01:08 PM.
                        1601

                        Keep eye on ball.
                        Hashim Khan



                        • #13
                          My old firm had PCs all over the machine shop, people were emailing each other over a few hundred feet distance. They got hit with a virus which shook them up, but I'm not sure if the management were intelligent enough to just disconnect from the internet every PC that didn't have a real requirement for going online.



                          • #14
                            Originally posted by J Tiers
                            Those ARE very possibly internet connected..... just not at the point of control.... You do not think they end up somewhere with an internet connection? Probably they do.
                            Point is, that you missed, that remote control / monitoring can be done in many ways besides the internet. Previous posts have talked about maintaining an "air gap" which is pretty standard procedure. ANY system is vulnerable if you have dummies designing it.

                            As for point to point microwave systems not being immune to interception and intrusion.... well.... there is a decent chance it would be noticed if a helicopter is hovering for extended periods in the narrow beam width. Foreign hackers are not going to just shimmy up a tree with their all-band shortwave radio and intercept the signal.

                            Your arguments are beyond weak.



                            • #15
                              Originally posted by Sparky_NY
                              ...

                              Your arguments are beyond weak.
                              Your opinion is your opinion and need not have any more relation to facts than anyone else's.

                              And how many complex systems supposedly secure turn out to be hacked into? Yep, lots, from the military on down. I'm very happy for you being supremely confident that everything is locked up tight..... the newspapers regularly report a different account, of course..... but there's a name for that. ANY comm system can be hacked into, because so much of it is in uncontrolled areas.
                              Last edited by J Tiers; 03-08-2019, 04:28 PM.
                              1601

                              Keep eye on ball.
                              Hashim Khan
