nanog mailing list archives

Re: First real-world SCADA attack in US


From: "Michael Painter" <tvhawaii () shaka com>
Date: Tue, 22 Nov 2011 13:10:38 -1000

Steven Bellovin wrote:
On Nov 21, 2011, at 4:30 PM, Mark Radabaugh wrote:


Probably nowhere near that sophisticated. More like somebody owned the PC running Windows 98 being used as an operator
interface to the control system.   Then they started poking buttons on the pretty screen.

Somewhere there is a terrified 12 year old.

Please don't think I am saying infrastructure security should not be improved - it really does need help. But I really doubt
this was anything truly interesting.


That's precisely the problem: it does appear to have been an easy attack.
(My thoughts are at https://www.cs.columbia.edu/~smb/blog/2011-11/2011-11-18.html)

--Steve Bellovin, https://www.cs.columbia.edu/~smb


Umm hmm.  And here's another one poking around:
http://pastebin.com/Wx90LLum

"I'm not going to expose the details of the box. No damage was done to any of the machinery; I don't really like mindless vandalism. It's stupid and silly. On the other hand, so is connecting interfaces to your SCADA machinery to the Internet. I wouldn't even call this a hack, either, just to say.
This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic."

--Michael



Current thread: