Offshore Drilling Rigs Vulnerable To Hackers 116
Hugh Pickens writes "Foreign Policy magazine reports that a research team from the SINTEF Group, an independent Norwegian think tank, has warned oil companies worldwide that offshore oil rigs are highly vulnerable to hacking as they shift to unmanned robot platforms where vital operations — everything from data transmission to drilling to sophisticated navigation systems that maintain the platform's position over the wellhead — are controlled via wireless links to onshore facilities. 'The worst-case scenario, of course, is that a hacker will break in and take over control of the whole platform,' says Martin Gilje Jaatun, adding that it hasn't happened yet, but computer viruses have caused personnel injuries and production losses on North Sea platforms. The list of potential cyberattackers includes ecowarriors aiming to jack up an oil firms' production costs, extortionists drawn to oil firms' deep pockets, and foreign governments engaging in a strategic contest for ever-more-scarce global oil reserves, says Jeff Vail, a former counterterrorism and intelligence analyst with the US Interior Department. 'It's underappreciated how vulnerable some of these systems are,' says Vail. 'It is possible, if you really understood them, to cause catastrophic damage by causing safety systems to fail.'"
Astounding (Score:3, Informative)
computer viruses have caused personnel injuries and production losses on North Sea platforms
They run Windows-based control software, and don't take the most basic security precautions such as banning web browsing and operators from executing unsigned files on management consoles?
WTF: OpenSource Tag More Important (Score:0, Informative)
WTF is up with this? SCADA might be an open standard but from what I've seen most of it is definitely not opensource or running on an "opensource" platfrom.
Most rely on the decades-old supervisory control and data acquisition (SCADA) software, written in an era when the "open source" tag was more important than security, said Jeff Vail, a former counterterrorism and intelligence analyst with the U.S. Interior Department.
Re:Astounding (Score:4, Informative)
"I've seen a self-checkout cash register system boot up: Java on top of Windows"
Back in the early 90s I used to work for a firm that did checkout software. When I arrived it was written in C with a large amount of assembler on top of DOS and ran at a blistering pace even on a 286. Then some gimp of a manager got taken to lunch by some greasy haired sales rep and next thing we knew it was being re-written in VB & Powerbuilder (yeah , I know, laugh now but people used to think it was cool) on top of Win 3.1.
Upshot? It ran at about 1/4 the speed and crashed far more often plus the PCs needed to be 386 minimum - cue lots of upgrading by customers.
Apparently they call it "progress".
SINTEF is no "think tank" (Score:5, Informative)
SINTEF [sintef.no] is not a think tank, it is a major applied-research institution [wikipedia.org]. It is similar (with due proportions) to the Fraunhofer Institute in Germany.
The original reports (Score:4, Informative)
The SINTEF-report can be found here:
http://www.springerlink.com/content/8v34n016j3648872/ [springerlink.com]
and the base report for a successful attack is here:
http://sislab.no/redteam.pdf [sislab.no]
SINTEF should not Cry Wolf (Score:5, Informative)
Disclaimer: My first job after graduation was with SINTEF, next I worked 24 years for Hydro/StatoilHydro (Norway's largest offshore oil operator), where I (among many other things) specified how the production and admin networks should be separated on each platform.
First of all: Most North Sea platforms use fiber links these days, microwave is only there as a backup in case something cuts the fiber, which means that if you want to use the radio link as your attack point, you must first locate and disable the fiber(s).
Second, the production networks, which is the only part which can directly affect platform infrastructure has significantly better security than the office/admin net.
I.e. you would first have to hack into the regular StatoilHydro network, then find a way to pass through the admin/process firewall before you could even start to try to take over one or more control computers. (And afaik none of these run any form of open source SCADA sw.)
Finally, the 'integrated operations' mentioned in the article consists of special on-shore operations rooms which have strict physical security checks: The computers inside these rooms are indeed part of the production network, they have no direct links at all to the office/admin net and/or the Internet.
Terje
The real problem is OPC... (Score:3, Informative)
These days everybody runs on Windows XP. No problem there; XP machines can be made secure. The real problem is this quote from the report: "We have performed penetration testing on OPC, which is a central component in process control systems on oil installations.". OPC protocol is based on DCOM. And most people want to do DCOM via a network to remote platforms. That is where the problems start. DCOM is horrible. There are solutions: Matrikon makes a good tunneler program for example, other SCADA and DCS vendors also do tunneling of OPC via safer methods than DCOM over a wide area network.
Conclusion: the report has some good points, the summary in the above link is FUD.
Disclaimer: I work with DCS's (also on remote oil platforms) for a living...
Re:I hope the oil companies will at least... (Score:2, Informative)
The thing about that is that to have one or to people there you need to have the whole set of things to keep people alive. Think space travel (albeit to a far lesser extent.)
One of the projects I was working on called for unmanned operation but people to go onto the platform for offloading (every two weeks.) That caused a real fun 'discussion' coz if you're going to put someone on there every two weeks, you may as well leave them there full time for all the hassle it's going to cause.
Final point: the principle reason for having unmanned platforms is money, but the savings are mainly in the reduced need for safety systems and the lower risk (lower insurance etc.) Putting people out there is an incredible ricky proposition, so just from a safety standard should be avoided whenever possible.
Re:SINTEF should not Cry Wolf (Score:2, Informative)