[Dshield] Re: power outages all across North Eastern US

Andre Ludwig ALudwig at Calfingroup.com
Thu Aug 14 22:14:18 GMT 2003


I would assume every single SCADA node would need to be patched, depending on
the level of services accessible via the network interface.  From my
understanding, most SCADA systems are simply semi-stripped NT or Win2k boxes
running custom IO/control software, all remotely administered by a master
controller.

I, of course, am not a SCADA design engineer, just a security geek.

And yes, speculation is just that: speculation. I wouldn't be too surprised if
somehow Blaster or some variant found its way into the SCADA networks of a
few power companies.  Like you guys said hundreds of times before, all it
takes is one laptop.  Maybe a technician plugged in to check the status of one
of the valves or control modules of the Mohawk-Niagara grid. And boom, the
worm was launched and started to attack the actual SCADA systems that were
vulnerable (if any). Needless to say, this is all conjecture and hearsay.
Although plausible, let's face it, I would hope the people in charge are a
bit smarter than that. But you never know.  My original intent in posting my
reply about possible SCADA attacks was to ferret out anyone who has more
knowledge of the subject than I do.  So if there is anyone like that on this
list, please do email me or the list in response. I would love to learn a bit
more about all this.

Andre Ludwig, CISSP



-----Original Message-----
From: Kenneth Coney [mailto:superc at visuallink.com]
Sent: Thursday, August 14, 2003 2:39 PM
To: list at dshield.org
Subject: [Dshield] Re: power outages all across North Eastern US


Yup.. Lead story on every channel.  If it is our worm, look for more 
problems as the computers that run chillers and back up generators are more 
and more often accessed remotely by technicians using a company supplied 
laptop.  If it is the worm that caused the outage, then while it may have 
been poorly written, it did do a major hit to the infrastructure. 
Someone's head will roll because there was supposedly a specific team 
specializing in protecting power grids on the internet.  Gadzooks, how many 
servers do the power companies own that have to be patched?


Subject: [Dshield] power outages all across North Eastern US
From: "Johannes B. Ullrich" <jullrich at sans.org>
Date: Thu, 14 Aug 2003 15:49:09 -0400
To: list at dshield.org


There are major power outages all across the
North Eastern US. New York City, Cleveland,
Detroit...






