I might be being naive ...

Myranda Frets: 2940
http://www.bbc.co.uk/news/technology-23720310

But.

Surely the easiest answer to cyber attacks from an external source is to not put such infrastructure online.

Can't see the necessity of a water pump being able to check its Facebook page. 

Comments

  • OilCityPickups Frets: 10563
    tFB Trader
    That's pumpist! They soldier away in often dirty conditions for long hours ... often handling substances we'd rather not think about ... then you'd deny them a little social life in their down time? Shame on you!
    Professional pickup winder, horse-testpilot and recovering Chocolate Hobnob addict.
    Formerly TheGuitarWeasel ... Oil City Pickups  ... Oil City Blog 7 String.org profile and message  

  • chillidoggy Frets: 17136
    I've always been puzzled by this, but it appears remote control and monitoring of utilities is de rigueur these days. And I suppose once you introduce a telephone line into things, you open up a whole world of opportunities for systems hacking.


  • Myranda Frets: 2940
    Remote monitoring is pretty easy to implement without security features being put at risk... have a radio system which is only capable of transmitting rather than receiving... 

    As for remote control this is surely only valid in the case of everyone at the pumping station being dead or hijacked - so have a system where there's no receive circuit while the site is manned with a cut off if a security alarm is triggered (which also turns off local control till all clear is given)... 

    As is, you have a bunch of networked computers plugged into the internet. In the last few years power stations have been hacked and the power in large parts of Brazil turned off... How much benefit is there for remote access which outweighs the problems?

    Ok I can understand a nuclear power station having a remote off switch in case of emergency - but make it a direct wired connection to the station close enough to be as easy to guard, but far enough away that most accidents will leave it standing (and let's face it, if an accident is so bad that it levels a building half a mile away there won't be enough computers left in enough pieces to email an emergency shut down into place)... 

    But why would a traditional power station need a remote off switch? In case terrorists are maliciously leaving lights on? Worst case scenario is that a terrorist/nasty/baddie group takes control of your power station with the intention of turning off the power to commit some malfeasance under cover of darkness - well, shutting the power off in response to someone threatening to shut the power off is hardly a useful option*

    Ok, perhaps you would argue that the staff at these installations could do with email - fine... but just because two computers are housed in the same building, doesn't mean they need to be connected in any way - not just indirectly, but totally disconnected. John in HR doesn't need even indirect access to Turbine control B... 

    Unless someone is poisoning water supplies - then infiltrating the pumping stations, there's little benefit to remote access in water supply... but I'd imagine it's probably easier to just poison the water supply and not alert people to your actions by flouncing around with guns in pumping stations... so just put physical security in place to stop the initial tampering and then it won't matter who controls what...

    Given that it's been shown recently that people can hack and remote control certain toilets, power stations and cars is it not about time people start thinking about a disconnected world more? At least in the case of things you never want strangers to control...

    Also were I a malefactor of some kind, I'd surely want to hack drone control more than water supplies - being able to bomb a population fairly indiscriminately seems a better option.

    *OK, the Americans have this with their internet - in the case of a major cyber attack they can shut off the US internet... most common cyber attacks are denial of service... so... turn it off to stop it being turned off...
  • That's pumpist! They soldier away in often dirty conditions for long hours ... often handling substances we'd rather not think about ... then you'd deny them a little social life in their down time? Shame on you!
    Yeah, I've caught my electric meter looking at meter-porn on the web, and as for the gas meter... words fail me! 
  • frankus Frets: 4719
    Hacking is a government pastime for some countries these days, the attack on RSA a few years ago was traced to one growing country that took up to 8 months of slow steady attempts by hundreds of operators to gain entry into the most sensitive areas, starting with social engineering to gain access to minor accounts. RSA profits suffered because they had to reissue all their fobs and confidence in their solution was dented. Job done.

    In the case of power stations a power surge is just as problematic as shortage. Mischief costs money - it's not all terrorists or disgruntled employees.

    As for stuff all being connected to the same networks, IT people in massive companies like to collate their logging information on one repository and have unified user interfaces... in the days before Twitter the fridge at one place had its own email account.
    A sig-nat-eur? What am I meant to use this for ffs?! Is this thing recording?
  • digitalscream Frets: 26666
    Myranda said:
    Remote monitoring is pretty easy to implement without security features being put at risk... have a radio system which is only capable of transmitting rather than receiving... 
    Even that's not a guaranteed recipe for security, though; there are still opportunities to cause disruption if you can stage a man-in-the-middle attack whereby you send fake failure signals to the monitoring system, thus triggering some sort of response which can then be exploited (whether technically or in person).
    <space for hire>
  • Myranda Frets: 2940
    Well, then put the data into an unusual file format, salt it and encrypt it to AES 512 or better... use RONJA through underground plastic pipe. Change the encryption key daily (not that at 512 bit AES will it be likely to be cracked in that time!). Pressurise the plastic pipe so if anyone cuts the pipe to MitM the beam you'll know automatically.
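
An added example, not part of any post in this thread: the fake failure signals raised above are a question of whether a frame is authentic and fresh, so a transmit-only telemetry link can carry a message authentication code and a counter on every frame, and the monitoring side can drop anything that fails either check. The frame layout, status codes and key below are constructed for illustration.

```python
import hashlib
import hmac
import struct

BODY = struct.Struct(">QHBI")   # counter, station id, status, level in mm (constructed layout)
TAG_LEN = hashlib.sha256().digest_size
STATUS_OK, STATUS_PUMP_FAILURE = 0, 1   # constructed status codes
KEY = bytes(range(32))   # constructed demo key; provision a random per-station key in practice


def make_frame(key, counter, station, status, level_mm):
    """Transmit side: pack the reading and append an HMAC-SHA256 tag."""
    body = BODY.pack(counter, station, status, level_mm)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Monitoring side: accepts only authentic frames with a fresh counter."""

    def __init__(self, key):
        self.key = key
        self.last_counter = {}   # station id -> highest counter accepted so far

    def accept(self, frame):
        """Return the decoded reading, or None if forged, altered or replayed."""
        if len(frame) != BODY.size + TAG_LEN:
            return None
        body, tag = frame[:BODY.size], frame[BODY.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None
        counter, station, status, level_mm = BODY.unpack(body)
        if counter <= self.last_counter.get(station, -1):
            return None   # old or repeated frame: a replay
        self.last_counter[station] = counter
        return {"station": station, "counter": counter,
                "status": status, "level_mm": level_mm}


if __name__ == "__main__":
    rx = Receiver(KEY)
    genuine = make_frame(KEY, 1, 7, STATUS_OK, 1200)
    forged = make_frame(b"not-the-station-key", 2, 7, STATUS_PUMP_FAILURE, 0)
    print("genuine:", rx.accept(genuine))
    print("forged failure:", rx.accept(forged))
    print("replayed genuine:", rx.accept(genuine))
```

Authentication does not stop frames being jammed or dropped, so the monitoring side should also raise an alarm when a station's expected frames stop arriving.
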
  • ICBM Frets: 72497
    All these solutions - including putting actual people on site to monitor things just like in the old days - cost more money though, so are A Non Starter.

    (I completely agree with you by the way.)

    "Take these three items, some WD-40, a vise grip, and a roll of duct tape. Any man worth his salt can fix almost any problem with this stuff alone." - Walt Kowalski

    "Only two things are infinite - the universe, and human stupidity. And I'm not sure about the universe." - Albert Einstein

  • Myranda Frets: 2940
    It does cost money - but so do all the government funded reports into the issue, and the panicked fumbling to try and shore things up piecemeal and then doing it all again in a few years' time

  • frankus Frets: 4719
    I think you're looking at this all wrong. Get involved, be part of the problem, get a job, get paid ... lots.

    No IT problem will ever be solved with a "big bang approach" - it will take years and you get paid most in the jobs that simply test your patience the most, so learn to be patient and live comfortably.


  • ICBM Frets: 72497
    Myranda said:
    It does cost money - but so do all the government funded reports into the issue, and the panicked fumbling to try and shore things up piecemeal and then doing it all again in a few years' time

    Of course, but those are dealt with by different sets of accountants in the private and public sectors so the costs incurred by the state fixing the mess don't affect the decision-making of the privatised companies who made it.

  • Myranda Frets: 2940
    frankus said:
    I think you're looking at this all wrong. Get involved, be part of the problem, get a job, get paid ... lots.

    No IT problem will ever be solved with a "big bang approach" - it will take years and you get paid most in the jobs that simply test your patience the most, so learn to be patient and live comfortably.


    Well, I'm doing my best... :) learning, applying... 
  • frankus Frets: 4719
    I've known people in the banking sector be fired for solving a problem on their own ;)
  • Jalapeno Frets: 6394
    edited August 2013
    To use your wireless radio analogy - if it really were just monitoring it'd be straightforward, but they mix the traffic for "savings", and rather than using PLC technology (Programmable Logic Controller) - which CAN be programmed with mathematical proofs of integrity that they only do what they're intended to do, they are beginning to use small computers with an O/S ... the rest of the subversion is easy.  Although as long as the physical interfaces are still read only - not a lot can be done other than mis-reporting.

    In high assurance environments (e.g. Nuclear Power Stations) computer monitoring is still read-only - people still turn valves mechanically (with umpteen double checks etc), not necessarily manually, they can be servo assisted & remote, but not computer controlled because getting the assurance levels needed would be nigh on impossible.

    </nerd>
    Imagine something sharp and witty here ......
