Special Reports

Computer Viruses

Power plants open to hacker attack

  • 18 May 2008
  • From New Scientist Print Edition. Subscribe and get 4 free issues
Printable versionEmail to a friendRSS FeedSyndicate
 
(Image: stock.xchng)
(Image: stock.xchng)
Related Articles
Web Links
 

POWER plants could be sabotaged by a simple internet attack that shuts down their control systems.

Core Security in Boston, Massachusetts, has discovered a serious vulnerability in a software package called Suitelink that is widely used to automate the operation of power stations, oil refineries and production lines. This could allow attackers to crash Suitelink by sending an outsize data packet to a certain port on the computer running the program. Suitelink's maker, Wonderware, has since issued a software patch to plug the security gap.

Core had only just begun examining this kind of supervisory control and data acquisition (SCADA) program when it found the problem. This may mean that more vulnerabilities are still hidden in software of this type.

Energy and Fuels - Learn more about the looming energy crisis in our comprehensive special report.

Computer Viruses - Learn more about the threats to your PC in our comprehensive special report.

 
From issue 2656 of New Scientist magazine, 18 May 2008, page 25
Comment subject
Comment
No HTML except lower case italic tags or lower case bold tags, please:
<i> or <b>
Your name
Your email
 

We need your email in case we need to contact you about the comment. We will not use it for any other purpose.

  
 
There are 14 comments on 2 pages
1  | 
2
 | Next
 | Most Recent
 | See all
VIEW THREAD >>

Why. . .

By Joe White

Sun May 18 10:04:04 BST 2008

Why the hell would you even link that kind of system to the internet?! Thats just asking for trouble!

REPORT | REPLY

Why. . .

By Shaun

Sun May 18 11:09:02 BST 2008

Unfortunately it's just too expensive to lay copper or fibre optics for you own private network to connect power stations across the country, thus the companies use the net. The economic benefits of connecting these systems to the net far outweigh the risks, I'm afraid.

REPORT | REPLY

Why. . .

By Josh

Sun May 18 17:10:35 BST 2008

There are these neat things called satellites...

REPORT | REPLY

Why. . .

By Big Ben

Sun May 18 17:51:57 BST 2008

Which transmit Data over wireless protocols... An even bigger risk... Easier to hack, and virtually impossible to trace where the hack has originated from...

REPORT | REPLY

VIEW THREAD >>
VIEW THREAD >>

Intenet??? Little Back Of Background

By Nigel

Sun May 18 11:20:55 BST 2008

"Internet"? The articles use of "internet attack" is misleading, it should have said "network attack" and would generally require the industrial LAN which the SCADA uses to be connected to the internet , allowing outside access, something most engineers would / should be loath to do.

Products like Wonderware, RSView, CiTect another SCADA packages are not generally used as the only direct plant control. They are used to give a user view into the status of the plant and generate reports, maintenance fault listings and run on aWindows PC. They are also used to issue high level commands to turn certain sections of the control system from automatic to manual control etc. The actual control of motors, valves, actuators is typically done by dedicated hardware. If you cause the computer running the SCADA program to crash, reboot etc. It is highly unlikely it will issue a positive and correctly structured command during this crash process. What it does mean is that you can't monitor the plant or control using that computer. You can most likely still use other user interfaces that are typically located on the shop floor or near the machinery provided the engineers have properly separated the SCADA and low level comms. Networks. However these sorts of failures can lead to more complex failures due to lack of status visibility in control rooms.

However...since the late '90's there has been a large push to get "global visibility" of such control systems and many people who don't seem to see the risks have been promoting this sort of thinking. IMHO the risks outweigh the benefits because even simple DOS attacks can prevent SCADA systems from working.

At a SCADA conference in 1999 I was surprised by the total cluelessness demonstrated by everyone about DOS attacks and other threats to networks.

A solution is to ensure only authorised computers and authorised people can gain access to your SCADA computer in the first place. We'll all be waiting a long time for highly complex software not to have flaws or weaknesses. How does the cost of a shutdown of a conveniently online accessible site compare to the cost of getting a trusted person physically on site when things go wrong and not running the risk of being compromised?

REPORT | REPLY

Intenet??? Little Back Of Background

By Me

Sun May 18 20:10:08 BST 2008

Since You both care & know-about this, The solution to this is:

get a copy of "Presenting to Win" by Weissman, 2nd ed.

Subscribe to Risks Digest & Disaster Recovery Journal ( both free, one e-, one paper )

Prepare a SCADA presentation yourself, get a slot at the next conference you can, & MAKE A DIFFERENCE in their awareness.

The ones who perceive have some responsibility, whether we like it or not, for our race's overall-survival.

Unfortunately, that means work, but with the 3 leverages listed here, you'd be better able to do it than most.

Oh, here's another leverage:

depending on your expertise in writing, either

William Zinsser's "On Writing Well", or, if you're already good, then

Sol Stein's "Stein on Writing".

Working-over one's words with those, makes a vast difference...

Cheers,

-me

REPORT | REPLY

VIEW THREAD >>
VIEW THREAD >>

Lol

By Harsh Kumar Verma

Sun May 18 12:12:51 BST 2008

NS is stupid why do they put this on the i ternet lol a hacker could come and see this what's hte point if we know

REPORT | REPLY

Lol

By Joe

Sun May 18 15:39:13 BST 2008

Security by obscurity is never effective. It's better that a security hole be publicized so those affected can work to secure it.

REPORT | REPLY

VIEW THREAD >>

Lol

By Matt

Mon May 19 03:13:05 BST 2008

READ THE ARTICLE!

"Suitelink's maker, Wonderware, has since issued a software patch to plug the security gap."

The security issue has already been addressed...

REPORT | REPLY

VIEW THREAD >>
There are 14 comments on 2 pages
1  | 
2
 | Next
 | Most Recent
 | See all

All comments should respect the New Scientist House Rules. If you think a particular comment breaks these rules then please use the "Report" link in that comment to report it to us.

If you are having a technical problem posting a comment, please contact technical support.

Printable versionEmail to a friendRSS FeedSyndicate
Cover of latest issue of New Scientist magazine
  • For exclusive news and expert analysis every week subscribe to New Scientist Print Edition
  • For what's in New Scientist magazine this week see contents
  • Search all stories
  • Contact us about this story
  • Sign up for our free newsletter
 
Password Login
username:
password:
Your login is case-sensitive
>Help
Subscriptions
Subscribe to New Scientist magazine