
RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=2>It wasn't. Say some luser with an unpatched/compromised laptop connected to the network. *poof*</FONT>
</P>

<P><FONT SIZE=2>What I have more trouble believing is that a single workstation/controlstation would allow a large enough change to a power plant to cause an effect like this.</FONT></P>

<P><FONT SIZE=2>In an ideal world, doing something like shutting down the whole power station would be like firing a nuke: You need two people with keys, they're too far apart for one person to do it by themself, etc.</FONT></P>

<P><FONT SIZE=2>Just my $.02.</FONT>
</P>

<P><FONT SIZE=2>Joshua Thomas</FONT>
<BR><FONT SIZE=2>Network Operations Engineer</FONT>
<BR><FONT SIZE=2>PowerOne Media, Inc.</FONT>
<BR><FONT SIZE=2>tel: 518-687-6143</FONT>
<BR><FONT SIZE=2>jthomas@poweronemedia.com </FONT>
</P>

<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: gml [<A HREF="mailto:gml@phrick.net">mailto:gml@phrick.net</A>]</FONT>
<BR><FONT SIZE=2>Sent: Friday, August 15, 2003 4:50 PM</FONT>
<BR><FONT SIZE=2>To: RMcElroy@mbe.com; scheidell@secnap.net; tetsujin@comcast.net</FONT>
<BR><FONT SIZE=2>Cc: full-disclosure@lists.netsys.com</FONT>
<BR><FONT SIZE=2>Subject: RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]</FONT>
</P>
<BR>

<P><FONT SIZE=2>I can't imagine that anything really important would be connected to the</FONT>
<BR><FONT SIZE=2>internet.&nbsp; Then again, who knows, right?</FONT>
</P>

<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: full-disclosure-admin@lists.netsys.com</FONT>
<BR><FONT SIZE=2>[<A HREF="mailto:full-disclosure-admin@lists.netsys.com">mailto:full-disclosure-admin@lists.netsys.com</A>] On Behalf Of</FONT>
<BR><FONT SIZE=2>RMcElroy@mbe.com</FONT>
<BR><FONT SIZE=2>Sent: Friday, August 15, 2003 3:41 PM</FONT>
<BR><FONT SIZE=2>To: scheidell@secnap.net; tetsujin@comcast.net</FONT>
<BR><FONT SIZE=2>Cc: full-disclosure@lists.netsys.com</FONT>
<BR><FONT SIZE=2>Subject: RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]</FONT>
</P>

<P><FONT SIZE=2>At least on the west coast they do not. I think the requirements of the</FONT>
<BR><FONT SIZE=2>systems are way out of Microsoft's range. Lots and lots of Unix</FONT>
</P>

<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Michael Scheidell [<A HREF="mailto:scheidell@secnap.net">mailto:scheidell@secnap.net</A>] </FONT>
<BR><FONT SIZE=2>Sent: Friday, August 15, 2003 11:36 AM</FONT>
<BR><FONT SIZE=2>To: tetsujin</FONT>
<BR><FONT SIZE=2>Cc: full-disclosure@lists.netsys.com</FONT>
<BR><FONT SIZE=2>Subject: Re: [Full-Disclosure] east coast powergrid / SCADA [OT?]</FONT>
</P>
<BR>

<P><FONT SIZE=2>&gt; </FONT>
<BR><FONT SIZE=2>&gt; Paller said it is &quot;highly unlikely&quot; that the process control computers</FONT>
<BR><FONT SIZE=2>&gt; behind critical infrastructure like power in the United States would </FONT>
<BR><FONT SIZE=2>&gt; run on the Windows operating system.</FONT>
</P>

<P><FONT SIZE=2>well, ONTARIO HYDRO does seem to have SOME Windows boxes.. at least here</FONT>
<BR><FONT SIZE=2>is one that appears to have been infected with slammer:</FONT>
</P>

<P><FONT SIZE=2><A HREF="http://www.hackertrap.net/LID.pl?IID=39335068" TARGET="_blank">http://www.hackertrap.net/LID.pl?IID=39335068</A></FONT>
</P>

<P><FONT SIZE=2>(Aug 9th through the 12th?)</FONT>
</P>
<BR>

<P><FONT SIZE=2>-- </FONT>
<BR><FONT SIZE=2>Michael Scheidell, CEO</FONT>
<BR><FONT SIZE=2>SECNAP Network Security, LLC </FONT>
<BR><FONT SIZE=2>Sales: 866-SECNAPNET / (1-866-732-6276)</FONT>
<BR><FONT SIZE=2>Main: 561-368-9561 / www.secnap.net</FONT>
<BR><FONT SIZE=2>Looking for a career in Internet security?</FONT>
<BR><FONT SIZE=2><A HREF="http://www.secnap.net/employment/" TARGET="_blank">http://www.secnap.net/employment/</A></FONT>
</P>

<P><FONT SIZE=2>_______________________________________________</FONT>
<BR><FONT SIZE=2>Full-Disclosure - We believe in it.</FONT>
<BR><FONT SIZE=2>Charter: <A HREF="http://lists.netsys.com/full-disclosure-charter.html" TARGET="_blank">http://lists.netsys.com/full-disclosure-charter.html</A></FONT>
</P>


</BODY>
</HTML>