Offshore Drilling Rigs Vulnerable To Hackers 116
Hugh Pickens writes "Foreign Policy magazine reports that a research team from the SINTEF Group, an independent Norwegian think tank, has warned oil companies worldwide that offshore oil rigs are highly vulnerable to hacking as they shift to unmanned robot platforms where vital operations — everything from data transmission to drilling to sophisticated navigation systems that maintain the platform's position over the wellhead — are controlled via wireless links to onshore facilities. 'The worst-case scenario, of course, is that a hacker will break in and take over control of the whole platform,' says Martin Gilje Jaatun, adding that it hasn't happened yet, but computer viruses have caused personnel injuries and production losses on North Sea platforms. The list of potential cyberattackers includes ecowarriors aiming to jack up an oil firms' production costs, extortionists drawn to oil firms' deep pockets, and foreign governments engaging in a strategic contest for ever-more-scarce global oil reserves, says Jeff Vail, a former counterterrorism and intelligence analyst with the US Interior Department. 'It's underappreciated how vulnerable some of these systems are,' says Vail. 'It is possible, if you really understood them, to cause catastrophic damage by causing safety systems to fail.'"
Even Microsoft will have in its smallprint ... (Score:3, Insightful)
... (along with most other computer/OS manufacturers) that the OS is *NOT* to be used in situations where failure of the system may lead to injuries or loss of life. The fact that a consumer OS is being used at all, never mind one so suscpetable to malware, in a scenario wheres peoples lives may hang in the balance is frankly staggering.
Re:Astounding (Score:2, Insightful)
It confuses me to no end how many systems are based on Windows PCs, even though they only perform trivial tasks that wouldn't pose a challenge to something like a 16-bit home computer of 20 years ago, when operating systems booted of floppy disks and 2MB of RAM were luxurious. Those systems should run a stripped-down embedded OS, not a desktop OS. I've seen a self-checkout cash register system boot up: Java on top of Windows. Somebody got paid for that, handsomely too I suspect.
So what? (Score:2, Insightful)
We're talking about something a bit more critical than online text messaging for the facebook generation.
How long... (Score:3, Insightful)
"What happened to Bob?"
"He was Therac-25ed by the drillbot when the control system went down."
Re:WTF: OpenSource Tag More Important (Score:3, Insightful)
The "Astounding" post above says "They run Windows-based control software". That *is* astounding, and should be considered criminally negligent.
Re:Astounding (Score:2, Insightful)
I'm not proposing that cash register software should be written in assembly language and run on 16bit processors. I just don't understand why a cash register needs a copy of Solitaire and Internet Explorer, especially when the application doesn't even use anything Windows specific because it runs inside the JavaVM.
Re:Astounding (Score:5, Insightful)
How is going from C + ASM on DOS to VB + Powerbuilder on Win 3.1 more maintainable? Are you seriously suggesting that all embedded systems should be running a desktop OS for maintainability reasons (or that no embedded software is maintainable)?
I remember using VB4 back in the day (Win98, I think) and even then the VB IDE had a hard time opening VB3 projects. Good luck trying to get Visual Studio 2008 to open a VB2 project. With C and ASM, at least you can code the project in a variety of IDEs--even plaint-text editors. What are you going to use to open an .frx file other than VB?
Furthermore, you can write maintainable C/ASM code for an embedded RISC/ARM processor just as you can write unmaintainable spaghetti code for an x86 Windows platform. If you're writing software for a desktop platform, you're going to have to update it every few years to keep up with changes in the mainstream desktop platform (new OS, new processors, etc.). If you're writing software for embedded systems then you'll only need to update your software when you decide that you want to change processors, chipsets, or add new features. Re-compiling your code for the next version of the ARM processor is likely to be easier than re-writing your entire application to use a different set of system libraries.
I hope the oil companies will at least... (Score:3, Insightful)
Re:Astounding (Score:5, Insightful)
This whole thread is on the wrong track.
Safety on an oil rig should not be in software. It should be mechanical. A big fat mechanical-reflex operated titanium counterweight that closes a wellhead when pressure is lost can't be hacked in software. Yea, they can shut the rig down, but catastrophic permanent environmental damage is avoided.
The same goes for all last-line safety systems. They should be 100% mechanical, uninfluenced by these unreliable, capricious devices we call computers.
Re:TFA seems to have some dubious facts (Score:3, Insightful)
There are a couple of "iffy" items in the article. First, how can an oil leak detector cause oil leaks (let alone spills)?
If you're an attacked were to determine there was an existing leak, then disable the leak monitor, then command a pump to increase pressure, you could cause damage depending on the pressure rating of the pipes/fittings in question. Other than that, I agree that it would be difficult to cause damage with simply a sensor alone (unless it's a critical sensor in an industrial process).
Re:What is the alternative? (Score:4, Insightful)
A) Microsoft OS (which specifically states that it is NOT FOR USE WHERE PEOPLE MAY DIE)
B) Some fucking idiot with 3 days of C programming classes making a custom operating system.
Alright, I guess I have to explain this to you.
It is possible to hire experienced, knowledgeable people to develop custom operating systems. It is also possible to have that code thoroughly reviewed, tested, etc. to make sure it won't fail in such a way that people die.
Yes, it's more expensive to create/maintain/fix. But on the other hand, people won't die this way.
Seriously, do you use carabiners that say "not for climbing" when you go climbing because they're "cheaper" and "easier to replace"? If not, then you probably should so that you may rid us of your misguided thought that devices that say "NOT FOR USE WHERE PEOPLE MAY DIE" are perfectly suited to things where people may die.
Re:Where it the article... (Score:2, Insightful)
Actually, sorry. Inadequate access controls and credential security on the wireless control network and insufficient encryption of data channels is an even worse situation indicating an even greater level of incompetence (or lack of existence) of network security staff.
Wireless control networks are inherently dangerous. When an employee is released, their credentials must be made invalid immediately, and the encryption keys should be changed frequently.