Water Pump Destruction Not Due To SCADA Hack
knifeyspooney writes "According to the Springfield State Journal-Register, the city's recent public water system failure was not caused by malicious activity. One water district trustee spoke this gem: 'First, they tell us that it's the first instance of cyber hacking in the entire world, and everyone goes nuts. Now, all of a sudden, they tell us it's not.'"
First instance? (Score:5, Insightful)
Re:First instance? (Score:4, Funny)
Yes.
There have been hacking instances somewhere in the world, in the past, probably. But this is the first one that's cyber.
Re:First instance? (Score:5, Funny)
They trendsourced it.
As MrEricSir once wrote: (http://tech.slashdot.org/comments.pl?sid=1174265&cid=27321897)
Def. trendsource
-verb: to solve problems using popular buzzwords
("The water utility trendsourced the cyberhack by integrating crowdsourcing with Agile methodologies automated with a SOAP communication layer.")
Re: (Score:2)
water and SOAP. I lolled.
Re: (Score:2)
They trendsourced it.
Pheww! At first I read it as transsourced and thought, but, but, there is no word such as transsource. A quick search [urbandictionary.com] confirmed this.
But OK, if it's trendsource then that's a real word [urbandictionary.com].
Oh, wait...
Re:First instance? (Score:5, Informative)
Re: (Score:2)
Wired still seems to think it was a hack, or at least something fishy is going on. http://www.wired.com/threatlevel/2011/11/scada-hack-report-wrong/ [wired.com]
If it isn't a hack, it's boring and won't give page views. It just has to be something nefarious.
Re: (Score:2)
Correction: Wired says Joe Weiss thinks it was a hack, or that at least something fishy is going on.
Ask a wide cross-section of SCADA geeks what they think of Joe.
Re: (Score:3)
I think what he meant was it was the first instance of cyber-hacking (is that phrase redundant?) against a SCADA system. Besides, that's the exact wording the media is using.
I live in Springfield, and the media reports are pretty contradictory. The reports in the last few days were that the company that designed the system had evidence of a successful hack and they were worried that the design company hack would lead the attackers to information that would let them in the system.
Two nights ago the local TV
Re: (Score:2)
Re: (Score:2)
It wasn't even reported if his sister in law [springfield.il.us] had anything to say about it, but it wasn't a CWLP pump, a little town five or so miles outside Springfield.
Manipulating the stupid masses through media. (Score:5, Insightful)
http://www.abc.net.au/science/articles/2011/07/11/3265013.htm [abc.net.au]
http://idle.slashdot.org/article.pl?sid=10/07/14/1235220 [slashdot.org]
Re:Manipulating the stupid masses through media. (Score:4, Funny)
Isn't all that tinfoil a little scratchy?
Re: (Score:2)
Re: (Score:3, Insightful)
I'm a big fan of good evidence but if you don't read Leo Strauss and discover that a critical component of neo-conservatism is having an enemy to unite people against, then find out that an entire war launched by neo-cons that dumped billions into the pockets of neo-con friendly businesses was based on entirely fabricated evidence against the enemy, then wonder if some elements of governments might be willing to engage in extreme hoodwinking to get what they want....maybe you are in denial.
Re: (Score:1)
Thank you.
I like how easy it is to decide to completely dismiss someone's statements based on a single hint.
The "Neo-Cons" did it with the help of the "Jews".
Please continue to use the term Neo-Con so as to warn the rest of us that you are to be ignored.
Re: (Score:2)
Re: (Score:2)
Tinfoil Conspiracy (Score:3)
I posted this before, but the fight against this conspiracy is not over yet!
Any nerd claiming to wear a tinfoil head is either a wannabe or part of the tinfoil conspiracy!!11! It is so obvious that tinfoil hats might cover you from alleged hostile brain control waves from satellites thousands of kilometers away, but otoh forms a nearly parabolic antenna to the whole communication wires and infrastructure below pedestrian lanes just a couple of meters away. And coincidentally only relevant people will be af
Re: (Score:2)
Well this tactic worked in Roswell, a lot of people still believe it was a UFO.
Re: (Score:3)
Eh, it was Rority. [slashdot.org] Drunk and stoned, as usual.
This is the FBI (Score:5, Funny)
Good morning Mr. Mayor,
this is special agent Smith.
Yes, we'd like you to say the water pump malfunctioned and wasn't hacked.
No, no, I know about the truth, Mr. Mayor, but we don't want the public to be aware of the dangers they are in from exploding water towers and militarised telephone cables... or to encourage copycat hackers.
Yes, yes... just say it was normal wear and tear.
Oh, you're not going to comply?.. are you aware that we have an unauthorised GPS under your car and know what you do Tuesday nights? ... ahh I'm glad you see things our way.
Re: (Score:1)
Too bad that makes no sense whatsoever.
Re: (Score:1)
It does when you realize you're only hearing what Agent Smith is saying
Re: (Score:2, Insightful)
No. It was a revised statement based on new information. That's still allowed, right?
Re:So, the question is.... (Score:4, Insightful)
Re: (Score:2)
Now we just need to make sure the new information isn't that they might have to cut back on fondling children in the airport and start doing actual hard work if the public gets concerned about the SCADA thing.
Y'all missed a critical paragraph in TFA (Score:5, Informative)
"How can two government agencies be so at odds at what’s going on here? Did the fusion center screw up, or is the fusion center being thrown under the bus?” commented Joe Weiss, the security expert who discovered the initial Fusion Center report and reported on it. “There’s a lot of black and white stuff in that report. Either there is or there isn’t a Russian IP address in there. It’s hard to miss that."
Re: (Score:3)
Re:Y'all missed a critical paragraph in TFA (Score:5, Insightful)
Re: (Score:2)
Riiiiiiiight... Correct me if I'm wrong, but a "connection attempt" won't be enough to take down any system.
Getting a Russian IP address to attempt to connect at your SSH port is one thing, getting a Russian IP address successfully entering your machine and "doing stuff" is something totally different.
If this was all because of an IP logged as failing access then that's one thing. Having heard earlier in the week that the password was 3 characters long, I kind of doubt that...
Re: (Score:2)
Different attack; this was in a little town a few miles outside Illinois' capital city, the one with the three letter password was in Texas (go figure).
Re: (Score:1)
Mod parent up. This is a very important point. These agencies aren't talking to each other very well.
Re: (Score:2)
"How can two government agencies be so at odds at what’s going on here? Did the fusion center screw up, or is the fusion center being thrown under the bus?” commented Joe Weiss, the security expert who discovered the initial Fusion Center report and reported on it. “There’s a lot of black and white stuff in that report. Either there is or there isn’t a Russian IP address in there. It’s hard to miss that."
One explanation could be their ras computer was one of millions which happened to be part of a random botnet army.
Someone looking into what had happened incorrectly linked their problem to discovery of the botnet. Not unlike blaming the compiler, cosmic rays, the rain...etc..it was a knee jerk by someone lacking intelligence to follow thru with a proper investigation.
The "apparently" reference in regards to hacked vendors password lists also red flagged in my mind that the morons managing the system were
Re: (Score:2)
Either there is or there isn’t a Russian IP address in there. It’s hard to miss that.
An IP address in some unnamed log file that someone says is Russian tells you exactly nothing about whether a system was compromised. Was that just somebody running a scan near the same time the pump broke, or did you just get 0wned? A simple log file of network traffic won't tell you that. Anyone who's ever looked at network log files knows there's scans of your IP addresses going on constantly. In any fore
Re: (Score:2)
Are we all just into saying crap nowadays?
Who the hell does intrusion detection by (simply) analyzing network traffic and port scanning? Here's a line from a log file in a certain machine I have access to:
(I replaced the username and part of the IP address for security and privacy reasons)
In this case, the user logged in successfully. If it was unsuccessful, it would also
Re: (Score:3)
Who the hell does intrusion detection by (simply) analyzing network traffic and port scanning? Here's a line from a log file in a certain machine I have access to:
Maybe the same idiots who put a SCADA system accessible over the internet?
The truth is we have no idea where the alleged "Russian IP address" came from. You making up an SSH log is pure bullshit. Was it an intrusion detection system, or was it a firewall log? Nobody is saying. The OP seemed to think this was very simple, with an IP address som
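Added example, not part of any comment in this thread: the distinction argued above between a logged connection attempt and an authenticated session, applied to sshd-style auth log lines. The log lines are constructed samples using documentation-range IP addresses, and `classify_sources` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH sshd syslog style (documentation IPs).
SAMPLE_LOG = """\
Nov 18 02:11:07 host sshd[4121]: Failed password for invalid user admin from 203.0.113.45 port 50122 ssh2
Nov 18 02:11:09 host sshd[4121]: Failed password for invalid user root from 203.0.113.45 port 50124 ssh2
Nov 18 03:40:51 host sshd[4330]: Failed password for operator from 198.51.100.7 port 40211 ssh2
Nov 18 03:40:58 host sshd[4330]: Failed password for operator from 198.51.100.7 port 40213 ssh2
Nov 18 03:41:02 host sshd[4331]: Accepted password for operator from 198.51.100.7 port 40215 ssh2
Nov 18 08:02:30 host sshd[5012]: Accepted publickey for alice from 192.0.2.10 port 61000 ssh2
"""

# Matches both outcomes; "invalid user" appears only for unknown accounts.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def classify_sources(log_text):
    """Return {ip: verdict}, separating mere attempts from real sessions.

    attempts-only        -> the address appears in the log but never got in
    login                -> authenticated with no earlier failures
    login-after-failures -> authenticated after failed tries (worth a look)
    """
    fails = defaultdict(int)
    verdict = {}
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            fails[ip] += 1
            verdict.setdefault(ip, "attempts-only")
        elif verdict.get(ip) not in ("login", "login-after-failures"):
            # First success from this source: record what preceded it.
            verdict[ip] = "login-after-failures" if fails[ip] else "login"
    return verdict


if __name__ == "__main__":
    for ip, v in classify_sources(SAMPLE_LOG).items():
        print(f"{ip:15} {v}")
```

Only the last two verdicts say anyone was on the machine; an address that shows up as attempts-only is background noise until something else corroborates it.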
Sowing the seeds of cyberwar profiteering? (Score:2)
Re: (Score:1)
Yep, we haven't had a good cyber war yet, I'm sure the Chinese hackers are itching for it.
Re: (Score:3)
I'm not sure they are overblown at all, stuxnet being the poster child for this as it actually impacted real world nuclear reactors. Another example being the guy using the handle pr0f that hacked a SCADA system the same day as this water pump and offered conclusive evidence to the fact. If stuxnet was deployed as a method to weaken the security capabilities of a perceived enemy, then it strikes me as a tool of war. I'm pretty sure though what everyone is calling "cyber-war" is likely to evolve into "war-pr
Re:Sowing the seeds of cyberwar profiteering? (Score:4, Insightful)
Well stuxnet affected Programmable logic controllers that affected centrifuges refining nuclear material. I was at a conference recently and half the talks were about stuxnet, duqu and PLCs, the show was not energy or utility industry related, but basically anything with a PLC is vulnerable to this sort of attack.
There were a lot of folks in industry talking about how uncertain they were about how tight their air-gaps were. Stuxnet got past air-gaps anyway, but at least a lot of the industrial controls folks are talking about it now. It would have been nice if someone listened when US-CERT reported researchers were able to remotely burn out an electrical generator in 2005.
Re: (Score:2)
While I don't think that threats like these are nonexistent, they are still extremely overblown, and the media jumps on them at a moment's notice.
That's the media for you. If a system or systems were attacked on a daily basis, you wouldn't hear a peep out of the media. Dog Bites Man isn't news, Man Bites Dog is. Airline crashes are covered so often by the media because they're rare, not because they're common.
Re: (Score:2)
"My biggest concern is that this could be the beginning of the military industrial complex evolving to exist on the internet."
The military industrial complex invented the internet.
Dam cyberhackers (Score:3)
The three-letter passwords can withstand regular hackers, but no one could expect that the mighty cyberhackers were coming!
Re: (Score:2)
Re: (Score:3)
It wouldn't be the first (Score:2)
Subject says all.
screenshots prove nothing... (Score:3, Insightful)
Help a /.er out (Score:2)
This reminds me of a story I read in a newspaper at least 18 years ago that maybe was an excerpt from a book. Hoping someone could get me a name, or some other details.
Here's what I remember:
It was focused on a hacker. One of his crimes, he was able to remotely take over the operation of a dam, controlling its spillways, although I don't think he ever did any damage. When the authorities found the guy, his fingers were described as curled backwards from endless hours at a keyboard, and he was living in filth.
Re:Help a /.er out (Score:4, Informative)
http://books.simonandschuster.com/At-Large/David-H-Freedman/9780684835587 [simonandschuster.com] Cuckoo's Egg might be the classic popular text from that era.
http://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/0743411463 [amazon.com]
Re: (Score:2)
Aye, that's the one. Thank you kindly.
These Are Not (Score:1)
Preston (Score:2)
Never ... (Score:1)
Re: (Score:2)
Hanlon's Razor (attributed to Heinlein). However, never attribute to stupidity that which can be attributed to greedy self-interest. Somebody sold the water company a new pump, and the old one was fairly new.
Now, if the pump was covered under warranty, Heinlein comes into play.
detailed analysis by DHS (Score:3)
"...detailed analysis by DHS and the FBI has found no evidence of a cyber intrusion or any other malicious activity."
All this means is professional spin doctors were called in as damage control.
First off, there is a cracker out there with screen dumps from another cracked SCADA system. Coincidence? Yeah, right.
Secondly, the compromise was originally believed to have been the result of the SCADA vendor being cracked. Also, an IP address from a Russian source was found. If there was no compromise, I would still really be interested as to why a Russian IP address was found connecting to US infrastructure.
Thirdly, the cracker's pastebin post* sounds quite accurate of the DHS in general:
"...the DHS tend to downplay how absolutely FUCKED the state of national infrastructure is."
* - http://pastebin.com/Wx90LLum [pastebin.com]
Re: (Score:1)
These are not the ... (Score:2)
Obi-Wan: These aren't the droids you're looking for.
Stormtrooper: These aren't the droids we're looking for.
Obi-Wan: He can go about his business.
Stormtrooper: You can go about your business.
Obi-Wan: Move along.
Stormtrooper: Move along... move along.
screen shots.... (Score:1)
http://pastebin.com/Wx90LLum [pastebin.com]
Local government incompetence? (Score:2)