Water System Hack 14

[1503-44]

Florida water supply system hacked. Chemical dosage modified to dangerous levels.
It is OK to monitor systems via Internet, but control via web-connected systems push the risk. Why are controls of critical infrastructure connected to the ^#%#$ internet? Should remote control of critical systems not be limited to private networks with an Internet air gap. IOT is starting to look more like I-DI-OT.

https://www.zdnet.com/article/hacke...24849504930128109&mid=13262151&cid=2369075451

 

[thebard3]

It was apparently pretty easy to get Stuxnet across the air-gap. Copies were simply sprinkled around and it was designed to be promiscuous so it spread widely. It was inevitable that it would eventually end up just about everywhere. It was undetected and largely dormant except in the single facility with the network infrastructure that it was looking for. The hardest part of deploying it was to prevent it from being discovered in the first place.

Brad Waybright

The more you know, the more you know you don't know.

 

[waross]

Some years ago a major petro-chemical plant went down for about 4 hours.
The reason?
Someone at a terminal open for the use of employees tried to use a company account to order an adjustable wrench for personal use.
He hadn't done orders on the computer before and made a mistake.
If you accidentally get into the main program and type in a wrench order, strange things happen.
No. It wasn't me.


Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

 

[dik]

That's true with so much malware... one of the main issues is... if the 'good' guys are making this stuff... wonder what the 'bad guys' are doing? and, how long before if finds itself in the public domain. I think it's a matter of time.

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

 

[dik]

waross... it was a prybar, you wanted?

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

 

[moon161]

A USB stick left in a parking lot will defeat an air gap.

 

[IRstuff]

SD card, for sure, particularly since they're so easy to lose in the first place.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert!

https://www.youtube.com/watch?v=BKorP55Aqvg

faq731-376 forum1529 Entire Forum list

http://www.eng-tips.com/forumlist.cfm

 

[RedSnake]

(The hardest part of deploying it was to prevent it from being discovered in the first place.)

Well since it only was allowed to infected three other computers and never did anything with the computer unless it had Siemens Step7 on it, and even then it did no anything just waited for a PLC to turn up that it could infect.
We probably have it on all our PLC:s at work that where installed before 24 June 2012 when it erased itself.

Best Regards A


“Logic will get you from A to Z; imagination will get you everywhere.“
Albert Einstein

 

[1503-44]

waross, So he got a "spanner in the works" instead of his adjustable wrench.

 

[RedSnake]

We sometimes force-control the relays manually to see if the machine starts, so you know that you can troubleshoot based on that.
Once when I was younger I was doing such a troubleshooting in a press, and just when I pressed the relay, it became pitch black and the whole factory stopped.

And what I was thinking then ..well .... I do not know if I want to repeat it here ..

But it turned out to be just a normal power outage.

Best Regards A

“Logic will get you from A to Z; imagination will get you everywhere.“
Albert Einstein

 

[FACS]

I'm still wondering what a hole factory is.

 

[RedSnake]

Well we manufacture black holes that's why it goes pitch black sometimes ;-)

Best Regards A

“Logic will get you from A to Z; imagination will get you everywhere.“
Albert Einstein

 

[1503-44]

Maybe a sand and gravel pit.
Or a tunnel boring machine?

 

[dik]

Yup... whenever I leave the house with client data, it's on an encryted USB stick... just don't want the embarrassment of losing it... good encryption, not super... I often used to travel to various offices to work...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

 

[waross]

I'm still wondering what a hole factory is.

In Canada that would be where Tim Horton's gets their doughnut holes.

As for the wrench IT WASN"T ME.
I did once work at a plant where the assistant manager reviewed all purchase orders and trashcan the whole order if any tools were ordered.
I still remember that WT111m is the catalog number for a Stakon crimping tool.
Had it for years.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!

 

[dik]

and the age old question, "What's the speed of dark?"

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

 

[dik]

Now, that's heavy...

Rather than think climate change and the corona virus as science, think of it as the wrath of God. Feel any better?

-Dik

 

[bimr]

I think it's unlikely there was any real public health risk. The 'poison' was sodium hydroxide. I doubt that the levels were high enough to have any lasting health effects if it made it out of the plant, but I'm sure there is real-time monitoring and alarming to take place in the event of this kind of trouble. If it was someone who knew how to circumvent these layers of safety, then I'd say it had to be a disgruntled employee or ex employee. Either way, the culprit is likely to be identified quickly.

Agree that it is unlikely to add enough sodium hydroxide. The pumps that are used to inject chemicals such as sodium hydroxide will not have the capacity that will allow a massive amount of chemical to be injected. I would expect the pumps to have a 10:1 turndown and you would want the pump to be operating in the mid-range of capacity. It is also common to have a pH sensor to monitor the pH.

However, there is one area of concern at water treatment plants. Many water treatment plants in the US add fluoride which is an extremely poisonous substance. The normal amount added is just 1 mg/L. It is easy to overdose fluoride and there is typically no affordable sensor that monitors fluoride.

Overfeeding Fluoride

 

[MartinLe]

"However, there is one area of concern at water treatment plants. Many water treatment plants in the US add fluoride which is an extremely poisonous substance. The normal amount added is just 1 mg/L. It is easy to overdose fluoride and there is typically no affordable sensor that monitors fluoride."

on one hand, this is knowledge that someone who really wants to harm people might not have.
On the other hand, water plant operators/designers should think more about hacking and what would be really dangerous

 

[SwinnyGG]

this is knowledge that someone who really wants to harm people might not have.

Except that now it's on the internet.

 

[cranky108]

I would like to know what is a "normal power outage"?

We don't have those. I know because one of my tasks is to investigate power outages.

We have the animal, the tree, the bad driver, wind, lighting, the overload, equipment failure, dig in, that is most of them. But no normal, unless it could be a planned outage.

Or maybe I don't accept the normal as a power outage.

I was not aware how much fluoride was the wrong level, but that Cl gas can be a problem.