Russian hackers burn out Illinois public water system pump
You'd be surprised.Skipjack wrote:What idiot connects crucial facilities like these to the internet?
I teach network systems security and computer forensics, and quite often wonder how public and private sector alike, can be so reckless with their systems.
Looks like too few are able to learn without getting beaten a few times first.
"The problem is not what we don't know, but what we do know [that] isn't so" (Mark Twain)
Well, it is also a matter of not just making this a rule, but also enforcing it.You're talking way too much common sense now. Most users see network security as an encumbrance to be circumvented. Even when provided with access to a separate unsecured network they'll still want the convenience of not switching over
Barack Obama is from Chicago isn't he? Must be something up there that makes people stupid.Skipjack wrote:What idiot connects crucial facilities like these to the internet?
‘What all the wise men promised has not happened, and what all the damned fools said would happen has come to pass.’
— Lord Melbourne —
— Lord Melbourne —
Actually, to give you a fair answer, much of the modern day *SCADA system equipment is hooked to the internet for the purpose of allowing an off site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programing. They just operate the equipment.Skipjack wrote:What idiot connects crucial facilities like these to the internet?
*Supervisory Control and Data Acquisition.
‘What all the wise men promised has not happened, and what all the damned fools said would happen has come to pass.’
— Lord Melbourne —
— Lord Melbourne —
The do savety by obscurity. Only connect to the internet in the case that it is neede and be offline most of the time. Unless you have hackers wait for months for that short opportunity window to get in there, they wont get in.Actually, to give you a fair answer, much of the modern day *SCADA system equipment is hooked to the internet for the purpose of allowing an off site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programing. They just operate the equipment.
You mean obscurity by security? It's common practice, but really to prevent unauthorized devices on one's network why not implement 802.1x with radius server. This significantly reduces the risk of exploitation.Skipjack wrote:The do savety by obscurity. Only connect to the internet in the case that it is neede and be offline most of the time. Unless you have hackers wait for months for that short opportunity window to get in there, they wont get in.Actually, to give you a fair answer, much of the modern day *SCADA system equipment is hooked to the internet for the purpose of allowing an off site expert to fix and resolve problems with it, or to implement other changes to the software. Not too many people on many sites know how to do the programing. They just operate the equipment.
There appears to be quite a few idiots who think that is a good idea.Skipjack wrote:What idiot connects crucial facilities like these to the internet?
http://www.ecnmag.com/Blogs/2011/11/Sma ... Security-/
Engineering is the art of making what you want from what you can get at a profit.