A Windows virus hit the display consoles in the control room of the Australian national electricity grid, presumably leaving the managers blind to the system status. Luckily, system administrators had Linux-based systems for development that could be swapped in for the disabled Windows machines. It seems as much a failure to properly maintain the Windows machines as a failure of judgment in using a virus-susceptible OS for mission-critical systems, but it’s fun schadenfreude fodder for Windows haters.
Why are critical infrastructure systems connected to the internet in the first place? Especially with “ineffective segregation” or “more typically none at all”.
^
What the man said. Windows or w/e.
At work there are enough examples of people bringing movies on dvd to work for free moments. Those are certainly not all official copies, so they don’t need a direct connection to bring viruses in.
On the other hand I totally agree that there are too many critical systems connected to the internet.
For the same reason they chose Windows or fail to maintain it – they don’t understand the implications.
You cannot simply unplug a control computer from the net.
And no, I don’t mean the internet but the internal network… obviously there are other machines connected to the internet and to the internal network, and they’re the way for the virii to come in.
But seriously, selecting a virus-prone OS in a mission-critical system is a very, very bad decision.
It’s viruses, and you could use a demilitarized zone or personal firewalls to block incoming ports to the mission-critical systems (except for what is absolutely necessary), and use a static IP configuration without specifying the gateway to avoid any packets from the Internet winding up on the control systems.
It can be done, it’s easy, but the kind of people who’d use Windows in a critical system are probably the kind of people who wouldn’t bother to segregate their systems.
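A way to check the “static IP without a gateway” configuration the comment above describes. This is an added example, not code from the thread or from the original article: it parses a constructed sample of Windows `route print` output (the column layout is the standard one; the addresses and the host are invented) and reports whether the host has a default gateway and whether some probe destinations are routable at all. It is written in Python rather than PowerShell so it runs anywhere; on a real console you would feed it the saved output of `route print -4`.

```python
"""Audit a Windows `route print` dump for a control-system host that is
supposed to have no path to the Internet (static IP, no default gateway).

Added example, not from the original thread. The route tables below are
constructed samples in the format `route print` emits, not captured from
a real host.
"""
import ipaddress
from typing import Dict, List, NamedTuple, Optional, Sequence


class Route(NamedTuple):
    network: ipaddress.IPv4Network
    gateway: str        # "On-link" or a next-hop address
    interface: str      # address of the local interface used
    metric: int


# Constructed sample: a host that still has a default gateway configured.
ROUTE_PRINT_WITH_GATEWAY = """\
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        10.20.0.1      10.20.0.50     25
        10.20.0.0    255.255.255.0          On-link      10.20.0.50    281
       10.20.0.50  255.255.255.255          On-link      10.20.0.50    281
        127.0.0.0        255.0.0.0          On-link       127.0.0.1    331
===========================================================================
"""

# Constructed sample: the same host after the gateway was removed from its
# static IP configuration, so only the local subnet and loopback are routable.
ROUTE_PRINT_NO_GATEWAY = """\
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        10.20.0.0    255.255.255.0          On-link      10.20.0.50    281
       10.20.0.50  255.255.255.255          On-link      10.20.0.50    281
        127.0.0.0        255.0.0.0          On-link       127.0.0.1    331
===========================================================================
"""


def parse_route_print(text: str) -> List[Route]:
    """Extract IPv4 routes from `route print` output.

    Route lines are recognised by shape (exactly five columns whose first two
    parse as a dotted-quad destination and netmask), so headers, separators
    and the IPv6 section are skipped without relying on line positions.
    """
    routes: List[Route] = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            net = ipaddress.IPv4Network((parts[0], parts[1]), strict=False)
            metric = int(parts[4])
        except ValueError:
            continue
        routes.append(Route(net, parts[2], parts[3], metric))
    return routes


def lookup(routes: Sequence[Route], dest: str) -> Optional[Route]:
    """Longest-prefix match (lowest metric on ties); None means 'no route'."""
    addr = ipaddress.IPv4Address(dest)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))


def default_routes(routes: Sequence[Route]) -> List[Route]:
    """Any 0.0.0.0/0 entry is a default gateway and thus a path off-subnet."""
    return [r for r in routes if r.network.prefixlen == 0]


def audit(text: str, probe_dests: Sequence[str] = ("8.8.8.8", "10.20.0.7")) -> Dict:
    """Summarise whether the host can reach anything beyond its own subnet."""
    routes = parse_route_print(text)
    defaults = default_routes(routes)
    return {
        "has_default_gateway": bool(defaults),
        "gateways": [r.gateway for r in defaults],
        "reachable": {d: lookup(routes, d) is not None for d in probe_dests},
    }


if __name__ == "__main__":
    for label, dump in (("with gateway", ROUTE_PRINT_WITH_GATEWAY),
                        ("no gateway", ROUTE_PRINT_NO_GATEWAY)):
        print(label, audit(dump))
```

The caveat a practitioner should keep in mind: a host with no default gateway can still reach every machine on its own subnet, so a dual-homed peer on that subnet (the case the earlier commenter raises) re-bridges it. The check above tells you whether a console has a path off its subnet; it says nothing about whether the subnet itself is physically separate from the corporate network.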
I know several ‘mission critical’ systems that just have two separate networks, one for control of such a system and one connected to the internet, etc.
And why you’d need CD-ROM access to the control system of a critical system to play a DVD I wouldn’t know.
You don’t use firewalls, etc. you just don’t connect the networks, that’s the easiest way to handle these things.
I would say the Windows machines were more of a monitoring terminal and the actual process control system would be something a bit more custom. At least this is what I saw last time I had anything to do with our supply authority.
What’s the reason for using Windows as a terminal in sensitive environments? It’s not like they need to be running MS Office on it, so they should have a very secured *nix like terminal instead (with RDP or whatever). When will IT people learn?
This reminds me there are nuclear submarines and carriers with Windows Inside(tm). It’s not that they are not secured with a shit load of policies, but still…
This made me think about those nuclear-armed British submarines running windows.
BSOD! Oh no we are fuc….BOOOOM!*
I think some Finnish cannons have Windows too, but I doubt that they are connected to the internet in any way.
It would be interesting to see some warfare with Linux too. Maybe we could even have some open-source warfare software.
Why does one use Windows for a critical infrastructure system? Maybe because they do not have a choice.
Most process control HMIs (human-machine interfaces) and servers these days run Windows. The “why Windows” question is one for the system vendors. We users of process control ask it repeatedly. The vendors give all kinds of reasons (“the customers want it” is my favorite) but I don’t really know why. Most process control and SCADA users accept it as a necessary evil.
The utility in the article is fortunate to still have a Unix option, and probably shot themselves in the foot using Windows as X-terminals. For the rest of us, we have to worry about firewalls; we don’t connect our systems to the Internet, but non-networked systems aren’t a palatable option any longer except at the NSA and maybe in nuke plants. We have to worry about anti-virus software, as viruses are getting back to the old standby of propagation by removable media. In addition, the system vendors are only now starting to clue into security; their software often must run with admin privileges, and since they must test patches thoroughly to make sure they won’t shut your plant down, you might get patch Tuesday about once every 3 months.
In other words, we must be competent and diligent IT admins now in addition to being engineers.
Oh well… at least the controllers don’t typically run Windows. But their OS writers’ ignorance of security often leaves them even more vulnerable.
And at that point, the non stupid companies will simply choose ANOTHER vendor of said human interface systems, rather than bend over and take it.
“And at that point, the non stupid companies will simply choose ANOTHER vendor of said human interface systems, rather than bend over and take it.”
Yeah, we would love to. But let me give you an idea of what we are dealing with.
Top DCS Vendors (DCS = Distributed Control System, a networked system of controllers, I/O, servers, and workstations used to control most larger power plants, refineries, chemical plants, food processing, pharmaceutical manufacturing facilities, etc.)
===============================================
Honeywell: Windows
Emerson: Windows (on DeltaV, their primary offering. They have a legacy niche offering mostly used in power plants that ran Unix at one time.)
Invensys: recently ditched Unix for Windows
Siemens: Windows
ABB: Windows. (Used to have Unix, don’t know if they still do.)
PLC vendors (PLC = programmable logic controller, a high-speed logic processor commonly used in discrete manufacturing and some smaller continuous plants). I list the vendor’s native HMI/programming platform.
=====================================================
Rockwell/Allen-Bradley: Windows
Schneider/Modicon: ???
GE: Windows
Siemens: Windows
ABB: Windows, maybe other.
Safety/Turbomachinery PLCs (same as above, but for high-integrity applications).
=====================================================
Invensys/Triconex: Windows
HIMA: Windows
Rockwell/ICS Triplex: Windows
ABB (old Moore Quadlog): Windows
Honeywell: Windows
Emerson: Windows
Bottom line is, if you want any kind of major industry player for your control system, you _will_ be using Windows, like it or not.
On a more positive note, the ISA (Instruments, Systems, and Automation) Society had some security talks at its annual Expo this week. They even had a wireless hacking demo. In 5 years they may be co-showing with DefCon.
So go without major players; as a bonus it will probably end up cheaper as well.
First of all, in many settings where you find full-featured and expensive “Windows” PCs (hardware, power consumption, license, maintenance), thin clients would be the better choice. I regularly see such PCs used as 5250 terminals – they only run a 80×25 text mode dialog program whole day long, nothing more!
Past repeats. Again. As so often, especially when it’s about stupidity and criminal intentions (one benefiting the other).
Words like “competent”, “diligent”, “engineer”… you don’t hear them where the decisions are made.
I’ve been in a hospital and could easily access confidential patient data by simply plugging my laptop into one of the LAN connectors scattered all over the walls. After some small talk with the hospital’s IT guy, he told me that “management wanted it that way; we had Sun equipment in the past, which worked fine, but then someone came up with the idea that we needed something ‘new and modern’, so we had to completely switch our systems, and I’ve been advised to ‘make it easy’ and ignore security considerations when ‘doctors and nurses complain about less comfort’”. Can you imagine how scared I was? They didn’t even let him restrict DHCP offers to known clients, no! Doctors who bought a new laptop should be able to use it right away before having an administrator register its MAC.
I’ve even seen ICUs’ systems (not sure if for controlling or “just” for monitoring) running “Windows”; here, the famous term BSOD takes on a very true meaning. 🙂
(ICU = intensive care unit)
Imagine that happening in a nuclear power plant.
We would have a major disaster on our hands and millions of people would die.
I hope someone gets sacked for this bad management decision to use Windows.
Modern nuclear power plants aren’t as fragile as you imply.
It seems really dumb to suggest that Linux is not a ‘virus-susceptible’ system. What good is news coming from a discredited source…?