Monday, December 10, 2012

Nearly two-dozen bugs easily found in critical infrastructure software - CSO Online - Security and Risk

This is going to be the biggest problem for the US for the next 5 years or more.  Stuxnet and its cousins were developed by the US and others, but the cat is out of the bag.  These SCADA systems need only small commands, very easy to make and change, to cause immense damage.  The key is the insertion systems used, and they are getting very sophisticated.

Internet hookups were the first, biggest, and still most used insertion tactic.  Then some operators really did go as far as securing themselves from the internet by unhooking completely.  This caused a shift to flash drive insertions, and this is apparently how the Iranian nuclear system was infiltrated.  But a lot of folks are now really locking down flash drives, so they are not as big a problem as before.

Now the big move is to cell phones and any other Bluetooth- or Wi-Fi-enabled device.  There are still a lot of targeted attacks going on, but more and more attacks are broad, shotgun-style ones, like the bot attacks we see on the internet.

The key is to get the insertion tool started through the broad attacks; then, when you really need to move the attack forward, you look for a system that has already been compromised by the broad attack.  For the teams that started the attack, it works very well, but more and more other attackers are finding that they can look for the compromised systems and then exploit them.  Some say the Chinese are doing this to US broad attacks in the Mid East.  But the documented attacks are organized and not-so-organized crime teams hitting anything they can.

SCADA systems are known for using PLCs, or Programmable Logic Controllers. These PLCs run everything from access controls for gates, at everything from airports to prisons, to valve controllers used in everything from nuclear power plants to water and wastewater plants.  Some of these attacks are out there just waiting for a chance to operate. The original attack targets are long in the past; now these code bombs are just moving around the world waiting for the chance to infect something.

Some criminal types have recognized this and have tried, sometimes successfully, to extort money from agencies and authorities, even though they did not start the attacks or even know how to stop them.

We should be in for a long hunt and many problems over the next years.  That is just what is already out there; others are being developed every day.

Rich

