On 11/25/11 12:02 , Jay Hennigan wrote:
> On 11/25/11 11:34 AM, Joel jaeggli wrote:
>
>> Cars generically cause at lot more deaths than faulty traffic
>> controllers 13.2 per 100,000 population in the US annually.
>
> The cars don't (often) cause them. The drivers do. Yes, there are the
> rare
On 11/25/11 11:34 AM, Joel jaeggli wrote:
> Cars generically cause at lot more deaths than faulty traffic
> controllers 13.2 per 100,000 population in the US annually.
The cars don't (often) cause them. The drivers do. Yes, there are the
rare mechanical failures but the most likely cause is wet
On 11/22/11 08:16 , Jay Ashworth wrote:
> - Original Message -
>> From: "Owen DeLong"
>
>> As in all cases, additional flexibility results in additional ability
>> to make mistakes. Simple mechanical lockouts do not scale to the
>> modern world. The benefits of these additional capabiliti
Hal Murray wrote:
Like any of the decades largest breaches this could have been avoided by
following BCP's. In addition SCADA networks are easily protected via
behavioral and signature based security technologies.
Is there a BCP that covers security for SCADA?
Note that Google for "BCP SCADA"
> Like any of the decades largest breaches this could have been avoided by
> following BCP's. In addition SCADA networks are easily protected via
> behavioral and signature based security technologies.
Is there a BCP that covers security for SCADA?
Note that Google for "BCP SCADA" finds
BS-
I have to jump in on this thread. Traffic light controllers are a fun category
of technical artifacts. The weatherproof boxes that the relays used to live in
have stayed the same size for decades, but now the controllers just take a
teeny tiny circuit board rattling around in this comparativel
On Wed, Nov 23, 2011 at 05:45:08PM -0500, Jay Ashworth wrote:
>
> Yeah. But at least that's stuff you have a hope of managing. "Firmware
> underwent bit rot" is simply not visible -- unless there's, say, signature
> tracing through the main controller.
I can't speak to traffic light controller
On 11/23/11 3:38 PM, Jay Ashworth wrote:
> Yes: but as Don Norman would ask: *where was the failure here*? You can't
> blame all of it on the field tech, even though he had the Last Clear Chance
> to avoid it, if the rest of the system wasn't designed to help protect him
> (procedures, labeling,
Original Message -
> From: "Jay Hennigan"
> A somewhat inexperienced technician arrived on scene rebooted the
> controller and it went back to factory defaults which are N/S vs. E/W.
> Had the conflict monitor (a circuit board with a diode array, hardware -
> not software) been correctly
On 11/23/11 2:52 PM, Jay Ashworth wrote:
> Well, sure: what's the *incidence* of conflicting greens?
>
> I wasn't suggesting that the incidence of accidents would be any different
> between conflicting greens and other types of failures (though my intuition
> is that it would be higher), but that
- Original Message -
> From: "Owen DeLong"
> >> but that's not the only risk. When the traffic
> >> signal is failing, even if it's failing with dark or red in every
> >> direction, the intersection becomes more dangerous. Not as
> >> dangerous as conflicting greens,
>
> Within each intersection controller is a PC board with a diode matrix
> called a "conflict monitor". It has inputs from all of the green and
> yellow phases including pedestrian walk signals, turn arrows, etc.
>
> It's the job of the traffic engineer installing the system to program
> the confli
On Tue, Nov 22, 2011 at 04:00:52PM -0800, Joe Hamelin wrote:
> This might be of interest to those wishing to dive deeper into the subject.
>
> Telecommunications Handbook for Transportation Professionals: The Basics of
> Telecommunications by the Federal Highway Administration.
>
> http://ops.fhw
Mark Radabaugh writes:
> On 11/23/11 11:23 AM, valdis.kletni...@vt.edu wrote:
>> On Wed, 23 Nov 2011 11:14:34 EST, Bryan Fields said:
>>> So really all a hacker needs is a pair of dykes, some electrical tape, and
>>> an
>>> all black jumpsuit.
>> Actually, you want a really dark blue jumpsuit.
On 11/23/11 11:23 AM, valdis.kletni...@vt.edu wrote:
On Wed, 23 Nov 2011 11:14:34 EST, Bryan Fields said:
So really all a hacker needs is a pair of dykes, some electrical tape, and an
all black jumpsuit.
Actually, you want a really dark blue jumpsuit. All-black creates a sillouette
in
all but
On Wed, 23 Nov 2011 11:14:34 EST, Bryan Fields said:
> So really all a hacker needs is a pair of dykes, some electrical tape, and an
> all black jumpsuit.
Actually, you want a really dark blue jumpsuit. All-black creates a sillouette
in
all but the very darkest conditions.
pgprHPVYAjpnH.pgp
De
On 11/22/2011 23:29, Jay Hennigan wrote:
> But, an external cracker even with full access won't be able to cause a
> conflict. Massive traffic jams by messing with the timing, short or
> long cycles, etc. but not a conflict.
So really all a hacker needs is a pair of dykes, some electrical tape, a
On 11/22/11 8:16 AM, Jay Ashworth wrote:
> - Original Message -
>> From: "Owen DeLong"
>
>> As in all cases, additional flexibility results in additional ability
>> to make mistakes. Simple mechanical lockouts do not scale to the
>> modern world. The benefits of these additional capabilit
"There is no evidence to support claims made in initial reports -- which were
based on raw, unconfirmed data and subsequently leaked to the
media."
http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
From what I'm seeing and
hearing is the report by the fusion centr
On Nov 22, 2011, at 8:08 58PM, Steven Bellovin wrote:
They do state categorically that "After detailed analysis, DHS and the
FBI have found no evidence of a cyber intrusion into the SCADA system of
the Curran-Gardner Public Water District in Springfield, Illinois."
I'm waiting to see Joe Weiss'
Note to self. When my opc/modbus code goes to hell and wipes out an
hvac unit; blame cyber terrorists, crappy vendors, and provide a random
shady ip address.
This was sad when it was possibly an unprotected network, with poor
password procedures, horrible protection code in the logics, etc et
Like any of the decades largest breaches this could have been avoided by
following BCP's. In addition SCADA networks are easily protected via
behavioral and signature based security technologies.
Steven Bellovin wrote:
>
>On Nov 22, 2011, at 8:08 58PM, Steven Bellovin wrote:
>
>>
>> On Nov
- Original Message -
> From: "Jimmy Hess"
> So you have 3 circuits, and any one circuit can detect the most
> severe potential failure of any pair of the other circuits.
Just so. Byzantine monitoring, just like a Byzantine clock.
Cheers,
-- jra
--
Jay R. Ashworth Bayl
On Tue, Nov 22, 2011 at 5:23 PM, Brett Frankenberger
wrote:
> On Tue, Nov 22, 2011 at 06:14:54PM -0500, Jay Ashworth wrote:
> in a manner that removes voltage from the relays). It doesn't protect
> against the case of conflicting output from the controller which the
> conflict monitor fails to de
On Nov 22, 2011, at 8:08 58PM, Steven Bellovin wrote:
>
> On Nov 22, 2011, at 7:51 59PM, valdis.kletni...@vt.edu wrote:
>
>> On Tue, 22 Nov 2011 13:32:23 -1000, Michael Painter said:
>>
http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
>>
>>> And "In addition,
On Nov 22, 2011, at 7:51 59PM, valdis.kletni...@vt.edu wrote:
> On Tue, 22 Nov 2011 13:32:23 -1000, Michael Painter said:
>
>>> http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
>
>> And "In addition, DHS and FBI have concluded that there was no malicious
>> traffic
On Tue, 22 Nov 2011 13:32:23 -1000, Michael Painter said:
> > http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
> And "In addition, DHS and FBI have concluded that there was no malicious
> traffic from Russia or any foreign entities, as
> previously reported."
It's i
This might be of interest to those wishing to dive deeper into the subject.
Telecommunications Handbook for Transportation Professionals: The Basics of
Telecommunications by the Federal Highway Administration.
http://ops.fhwa.dot.gov/publications/telecomm_handbook/
I'm still digging through it t
andrew.wallace wrote:
Here is the latest folks,
"DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system
in Springfield, Illinois."
http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
Andrew
And "In addition, DHS and FBI have concluded that
On Tue, Nov 22, 2011 at 06:14:54PM -0500, Jay Ashworth wrote:
> - Original Message -
> > From: "Matthew Kaufman"
>
> > Indeed. All solid-state controllers, microprocessor or not, are required
> > to have a completely independent conflict monitor that watches the
> > actual HV outputs to t
- Original Message -
> From: "Matthew Kaufman"
> Indeed. All solid-state controllers, microprocessor or not, are required
> to have a completely independent conflict monitor that watches the
> actual HV outputs to the lamps and, in the event of a fault, uses
> electromechanical relays to
Steven Bellovin wrote:
On Nov 21, 2011, at 4:30 PM, Mark Radabaugh wrote:
Probably nowhere near that sophisticated. More like somebody owned the PC running Windows 98 being used as an
operator
interface to the control system. Then they started poking buttons on the
pretty screen.
Somew
Here is the latest folks,
"DHS and the FBI have found no evidence of a cyber intrusion into the SCADA
system in Springfield, Illinois."
http://jeffreycarr.blogspot.com/2011/11/latest-fbi-statement-on-alleged.html
Andrew
On 11/22/2011 5:59 AM, Brett Frankenberger wrote:
The typical implementation in a modern controller is to have a
separate conflict monitor unit that will detect when conflicting
greens (for example) are displayed, and trigger a (also separate)
flasher unit that will cause the signal to display
>
>> but that's not the only risk. When the traffic
>> signal is failing, even if it's failing with dark or red in every
>> direction, the intersection becomes more dangerous. Not as dangerous
>> as conflicting greens,
>
> By 2 or 3 orders of magnitude, usually; the second th
On Tue, Nov 22, 2011 at 02:26:34PM -0500, Jay Ashworth wrote:
>
> Yes, but the complexity of a computerized controller is 3-6 orders of
> magnitude higher, *and none of it is visible*
You can't see the electrons in the relays either.
> > Some other things to consider.
> >
> > Relays are more li
> Relay logic has the potential for programming (i.e. wiring) errors
> also.
Yes, but the complexity of a computerized controller is 3-6 orders of
magnitude higher, *and none of it is visible*
> It's not fair to compare "conflict monitor" to "properly programmed
> relay logic". We either have to
On Tue, Nov 22, 2011 at 11:16:54AM -0500, Jay Ashworth wrote:
> - Original Message -
> > From: "Owen DeLong"
>
> > As in all cases, additional flexibility results in additional
> > ability to make mistakes. Simple mechanical lockouts do not scale
> > to the modern world. The benefits of
- Original Message -
> From: "Owen DeLong"
> As in all cases, additional flexibility results in additional ability
> to make mistakes. Simple mechanical lockouts do not scale to the
> modern world. The benefits of these additional capabilities far
> outweigh the perceived risks of program
On Tue, Nov 22, 2011 at 10:16:56AM -0500, Jay Ashworth wrote:
> - Original Message -
> > From: "Brett Frankenberger"
>
> > The typical implementation in a modern controller is to have a separate
> > conflict monitor unit that will detect when conflicting greens (for
> > example) are displ
- Original Message -
> From: "Brett Frankenberger"
> The typical implementation in a modern controller is to have a separate
> conflict monitor unit that will detect when conflicting greens (for
> example) are displayed, and trigger a (also separate) flasher unit that
> will cause the sig
On Mon, Nov 21, 2011 at 11:16:14PM -0500, Jay Ashworth wrote:
>
> Precisely. THe case in point example these days is traffic light
> controllers.
>
> I know from traffic light controllers; when I was a kid, that was my dad's
> beat for the City of Boston. Being a geeky kid, I drilled the guys i
On Mon, 21 Nov 2011 14:24:48 PST, "andrew.wallace" said:
> If NSA had no signals information prior to the attack, this should be a wake
> up call for the industry.
Actually, it should be a wake up call whether or not NSA had signals
information. However, it's pretty obvious that the entire SCADA
On Tue, 22 Nov 2011 07:11:43 +0200, Jussi Peltola said:
> Anybody who has seen what kind of bizarre malfunctions failed
> electrolytics cause in consumer electronics will probably not feel very
> comfortable trusting traffic lights whose safety relies on software that
> is proven correct.
Beware
On Tue, Nov 22, 2011 at 8:35 AM, Mark Radabaugh wrote:
> Having worked on plenty of industrial and other control systems I can safely
> say security on the systems is generally very poor. The vulnerabilities
> have existed for years but are just now getting attention. This is a
> problem that
On Mon, Nov 21, 2011 at 11:16:14PM -0500, Jay Ashworth wrote:
> That implies to me that it is *physically* possible to get opposing greens
> (which we refer to, in technical terms as "traffic fatalities") out of the
> controller box... in exactly the same way that it didn't used to be.
Not necess
- Original Message -
> From: "Jimmy Hess"
> On Mon, Nov 21, 2011 at 3:35 PM, Mark Radabaugh
> wrote:
> > On 11/21/11 10:32 AM, Jay Ashworth wrote:
> > education / resource issue. The existing methods that have been used for
> > years with reasonable success in the IT industry can 'fix' t
On Mon, Nov 21, 2011 at 3:35 PM, Mark Radabaugh wrote:
> On 11/21/11 10:32 AM, Jay Ashworth wrote:
> education / resource issue. The existing methods that have been used for
> years with reasonable success in the IT industry can 'fix' this problem.
The "existing normal methods" used by much of
> Subject: First real-world SCADA attack in US
>
> On an Illinois water utility:
>
> http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
"that which does not kill us makes us stronger" --Friedrich Nietzsche
On Nov 21, 2011, at 4:30 PM, Mark Radabaugh wrote:
>>
>>
> Probably nowhere near that sophisticated. More like somebody owned the PC
> running Windows 98 being used as an operator interface to the control system.
> Then they started poking buttons on the pretty screen.
>
> Somewhere there
If NSA had no signals information prior to the attack, this should be a wake up
call for the industry.
Andrew
From: Jay Ashworth
To: NANOG
Sent: Monday, November 21, 2011 3:32 PM
Subject: First real-world SCADA attack in US
On an Illinois water utility
> On an Illinois water utility:
> http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
That URL says:
> The Nov. 8 incident was described in a one-page report from the Illinois
> Statewide Terrorism and Intelligence Center, according to Joe Weiss, a
> prominent expert on protec
On Mon, Nov 21, 2011 at 4:51 PM, Jason Gurtz wrote:
>> Having worked on plenty of industrial and other control systems I can
>> safely say security on the systems is generally very poor. The
>> vulnerabilities have existed for years but are just now getting
>> attention.
>
> +1
>
> Just for cont
> Having worked on plenty of industrial and other control systems I can
> safely say security on the systems is generally very poor. The
> vulnerabilities have existed for years but are just now getting
> attention.
+1
Just for context, let me tell everyone about an operational characteristic
o
On Mon, Nov 21, 2011 at 10:32 AM, Jay Ashworth wrote:
> On an Illinois water utility:
>
> http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
>
> Cheers,
> -- jra
I can say from experience working on one rural sewage treatment plant
that IT security is not even in their consci
On 11/21/11 4:38 PM, Charles Mills wrote:
Having worked on plenty of industrial and other control systems I can
safely say security on the systems is generally very poor. The
vulnerabilities have existed for years but are just now getting
attention.This is a problem that doesn't really ne
Having worked on plenty of industrial and other control systems I can
safely say security on the systems is generally very poor. The
vulnerabilities have existed for years but are just now getting attention.
This is a problem that doesn't really need a bunch of new legislation.
It's an educati
On 11/21/11 10:32 AM, Jay Ashworth wrote:
On an Illinois water utility:
http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
Cheers,
-- jra
Having worked on plenty of industrial and other control systems I can
safely say security on the systems is generally very poor. The
On 11/21/11 4:09 PM, Leigh Porter wrote:
On 21 Nov 2011, at 20:23, "Ryan Pavely" wrote:
Might I suggest using 127.0.0.2 if you want less spam :P
Pretty scary that folks have
1. Their scada gear on public networks, not behind vpns and firewalls.
Do people really do that? Just dump a /24 of ro
On 21 Nov 2011, at 20:23, "Ryan Pavely" wrote:
> Might I suggest using 127.0.0.2 if you want less spam :P
>
> Pretty scary that folks have
> 1. Their scada gear on public networks, not behind vpns and firewalls.
Do people really do that? Just dump a /24 of routable space on a network and
use
- Original Message -
> From: "Mark Foster"
> "First"
Hey; I don't write em; I just quote em. :-)
> https://ciip.wordpress.com/2009/06/21/a-list-of-reported-scada-incidents/
The Willows CA is the only one in the first part of that list that was a)
an actual attack, b) that actually had
Am 21.11.2011 um 21:22 schrieb Ryan Pavely:
> But then again I don't want to goto jail for leaving my car door open and
> having someone steal my car, so nix that idea.
Oh, but you are. (Not sure about criminal liability, but definitely civil.)
--
Stefan BethkeFon +49 151 14070811
"First"
https://ciip.wordpress.com/2009/06/21/a-list-of-reported-scada-incidents/
On 22/11/11 04:32, Jay Ashworth wrote:
> On an Illinois water utility:
>
> http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
>
> Cheers,
> -- jra
- Original Message -
> From: "Ryan Pavely"
> Perhaps the laws people suggest we need to protect ourselves should be
> added to. If you are the operator of a network and due to complete
> insanity leave yourself wide open to attack, you are just as guilty as
> the bad guys... But then agai
Might I suggest using 127.0.0.2 if you want less spam :P
Pretty scary that folks have
1. Their scada gear on public networks, not behind vpns and firewalls.
2. Allow their hardware vendor to keep a list of usernames / passwords.
2b. Obviously don't change these so often. Whens the last time t
I checked the SCADA boxes used in our "smart" building. They are all using
127.0.0.1
Is that a security risk?
--
Leigh Porter
On 21 Nov 2011, at 19:20, "Arturo Servin" wrote:
>
>I wonder if they are using private IP addresses.
>
> -as
>
> On 21 Nov 2011, at 13:32, Jay Ashworth wrote:
LOL. I see what you did there.
-Hammer-
"I was a normal American nerd"
-Jack Herer
On 11/21/2011 01:17 PM, Arturo Servin wrote:
I wonder if they are using private IP addresses.
-as
On 21 Nov 2011, at 13:32, Jay Ashworth wrote:
On an Illinois water utility:
http://www.msn
I wonder if they are using private IP addresses.
-as
On 21 Nov 2011, at 13:32, Jay Ashworth wrote:
> On an Illinois water utility:
>
> http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
>
> Cheers,
> -- jra
> --
> Jay R. Ashworth Baylink
On an Illinois water utility:
http://www.msnbc.msn.com/id/45359594/ns/technology_and_science-security
Cheers,
-- jra
--
Jay R. Ashworth Baylink j...@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associ
69 matches
Mail list logo
