~e; Embedded Control Systems and Security
From
bc <human@electronetwork.org>
Date
Wed, 17 Jul 2002 23:34:28 -0500
[this forwarded snippet of a newsletter (subbing info
below) relates to the potential 'threat' of an attack,
via computers, on large technological systems, such as
dams, that was mentioned on the list a few weeks back.
if anyone likes to know more about such issues, you
may be interested in an e-mail list called RISKs-digest
which compiles oddities and errors within such systems.]
> CRYPTO-GRAM
>
> July 15, 2002
>
> by Bruce Schneier
> Founder and CTO
> Counterpane Internet Security, Inc.
> schneier@counterpane.com
> <http://www.counterpane.com>
>
>
>A free monthly newsletter providing summaries, analyses, insights,
>and commentaries on computer security and cryptography.
>
>Back issues are available at
><http://www.counterpane.com/crypto-gram.html>. To subscribe, visit
><http://www.counterpane.com/crypto-gram.html> or send a blank
>message to crypto-gram-subscribe@chaparraltree.com.
>
>Copyright (c) 2002 by Counterpane Internet Security, Inc.
>
>
>** *** ***** ******* *********** *************
>
>In this issue:
> Embedded Control Systems and Security
> ... <snip>
>
>
>** *** ***** ******* *********** *************
>
> Embedded Control Systems and Security
>
>
>There's a whole lot of embedded control systems in our society,
>controlling things as diverse as vending machines and automobiles
>and power plants, and they've been designed with not a whole lot of
>security.
>
>Actually, mostly they've mostly been designed with no security. And
>that's not a good thing.
>
>These are distributed control systems (DCS), or supervisory control
>and data acquisition (SCADA) systems. The simplest ones just carry
>measurement data. More complicated ones throw railway switches,
>open and close circuit breakers, and adjust valve flow in lots of
>different pipelines. The most complicated ones control devices and
>systems at an even higher level.
>
>For the most part, these systems have been obscure and isolated --
>this is why their designers never bothered with security -- but more
>and more they're being connected to the Internet. And the fear is
>that now they can be taken over by hackers, criminals, or (gasp!)
>terrorists.
>
>This has been true for decades now, but the War on (Some) Terrorism
>has brought this into the news. Many are worried that that some
>terrorist with a laptop in Peshawar can open the floodgates of a dam
>in the United States, or shut down the American power grid. It's a
>frightening prospect.
>
>And certainly the threats are real. These systems can be
>successfully attacked. And given the sheer complexity of some of
>the systems being controlled, catastrophic failures are certainly
>possible.
>
>But I think they're unlikely. First, as insecure as the systems
>are, it's hard to hack in and do maximum damage. It's probably easy
>to hack in and stumble around until something breaks, but that's not
>nearly as spectacular. For once, obscurity is working in our favor;
>the simple facts that the commands are arcane and obscure, the
>effects of individual changes are not obvious, and there are no
>readily available manuals, makes the system more secure.
>
>Second, low-tech terrorism is much more reliable, and much more
>effective, than high-tech. While these threats are real, I rate
>them as lower than explosives or lunatics with automatic weapons.
>Sure, opening sewage floodgates into the river will make headlines,
>but bombing one of the three water tunnels into Manhattan will do
>much more damage.
>
>The real threat here is the remote attacker. I think the likely
>scenario is that some terrorist-wannabe -- not a real terrorist but
>someone who reads about terrorism in the press and is sympathetic --
>in some random country will try to attack infrastructures this way.
>They'll break in, and they'll do some random damage. It won't be
>spectacular, but it will be successful.
>
>The solution is twofold. One, keep critical DCS and SCADA systems
>off the Internet. Two, fix the protocols to add security. And
>three, don't panic about the threats; the risk isn't that great.
>
>
>Point: We're at risk.
><http://www.washingtonpost.com/wp-dyn/articles/A50765-2002Jun26.html>
><http://news.bbc.co.uk/hi/english/sci/tech/newsid_2070000/2070706.stm>
><http://www.cnn.com/2002/US/06/27/alqaeda.cyber.threat/index.html>
>
>Counterpoint: No, we're not.
><http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/06/3
>0/MN152350.DTL>
>
>An actual attack:
><http://www.theregister.co.uk/content/4/22579.html>
>
>
>** *** ***** ******* *********** *************
><snip>
>** *** ***** ******* *********** *************
>
>
>CRYPTO-GRAM is a free monthly newsletter providing summaries,
>analyses, insights, and commentaries on computer security and
>cryptography. Back issues are available on
><http://www.counterpane.com/crypto-gram.html>.
>
>To subscribe, visit <http://www.counterpane.com/crypto-gram.html> or
>send a blank message to crypto-gram-subscribe@chaparraltree.com. To
>unsubscribe, visit <http://www.counterpane.com/unsubform.html>.
>
>Please feel free to forward CRYPTO-GRAM to colleagues and friends
>who will find it valuable. Permission is granted to reprint
>CRYPTO-GRAM, as long as it is reprinted in its entirety.
>
>CRYPTO-GRAM is written by Bruce Schneier. Schneier is founder and
>CTO of Counterpane Internet Security Inc., the author of "Secrets
>and Lies" and "Applied Cryptography," and an inventor of the
>Blowfish, Twofish, and Yarrow algorithms. He is a member of the
>Advisory Board of the Electronic Privacy Information Center (EPIC).
>He is a frequent writer and lecturer on computer security and
>cryptography.
>
>Counterpane Internet Security, Inc. is the world leader in Managed
>Security Monitoring. Counterpane's expert security analysts protect
>networks for Fortune 1000 companies world-wide.
>
><http://www.counterpane.com/>
>
>Copyright (c) 2002 by Counterpane Internet Security, Inc.
the electromagnetic internetwork-list
electromagnetism / infrastructure / civilization
archives.openflows.org/electronetwork-l
http://www.electronetwork.org/