South Korean Power Plants To Conduct Cyber-Attack Drills Following Hack
An anonymous reader writes: South Korea's nuclear operator has been targeted in a cyber-attack, with hackers threatening people to 'stay away' from three of the country's nuclear reactors should they not cease operations by Christmas. The stolen data is thought to be non-critical information, and both the company and state officials have assured that the reactors are safe. However, KHNP has said that it will be conducting a series of security drills over the next two days at four power plants to ensure they can all withstand a cyber-attack. The hacks come amid accusations by the U.S. that North Korea may be responsible for the punishing hack on Sony Pictures. Concerns have mounted that Pyongyang may initiate cyber strikes against industrial and social targets in the U.S. and South Korea.
airgap (Score:2)
Now would be a good time to institute a national airgap policy for critical infrastructure, if not already in place.
Re: (Score:1)
You can administratively disable USB mass storage while preserving access to keyboard and mice without much issue. In Windows it's easily done with group policies and/or registry changes. If your users have local administrator rights they could attempt to override that setting. In which case you eliminate any reason for them to have local administrative rights, even if that means turning some of your fickle applications into remote apps on a server with no USB access.
Those principles are applicable on other
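Added example, not part of the thread: a PowerShell audit of the lockdown described in the comment above. It checks the USBSTOR driver start type, the removable-storage deny-all policy value, and who is in the local Administrators group (and could therefore revert either setting); the function name `Get-UsbStorageLockdown` is hypothetical.

```powershell
# Added example: audit USB mass-storage lockdown on a Windows workstation.
# Run from an elevated PowerShell session on the machine being checked.

function Get-UsbStorageLockdown {
    # USBSTOR driver start type: 3 = load on demand (enabled), 4 = disabled.
    # Keyboards and mice use the HID drivers and are not affected by this value.
    $svc = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR' `
                            -Name Start -ErrorAction SilentlyContinue
    $driverDisabled = ($null -ne $svc -and $svc.Start -eq 4)

    # Group Policy "All Removable Storage classes: Deny all access"
    # is stored as Deny_All = 1 under this policy key.
    $pol = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices' `
                            -Name Deny_All -ErrorAction SilentlyContinue
    $policyDenied = ($null -ne $pol -and $pol.Deny_All -eq 1)

    # Members of the built-in Administrators group (well-known SID S-1-5-32-544,
    # used instead of the name because the name is localized) can undo both settings.
    $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue |
                Select-Object -ExpandProperty Name)

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        UsbStorDriverDisabled  = $driverDisabled
        RemovableStorageDenied = $policyDenied
        LocalAdministrators    = $admins
        # Locked down only if at least one control is in force.
        # Review LocalAdministrators separately: every account listed can revert it.
        StorageBlocked         = ($driverDisabled -or $policyDenied)
    }
}

Get-UsbStorageLockdown | Format-List
```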
Re: (Score:1)
Nah they'd rather use basement bargain Gateway 2000 computers running Windows NT.
Re: (Score:1)
We have air gapped computers at work. The USB ports have been hot-glued shut.
Re: (Score:2)
airgap is a good start.
Re: (Score:3)
The plant's control systems may indeed be air gapped. However, there are still access vectors. For instance some internet connected switch that sits on a dedicated SCADA network might be exploited and then use the private SCADA network (which isn't necessarily TCP/IP) to access the otherwise air gapped systems. Even exploiting non-critical or seemingly non-critical machines might affect the operation of secure isolated systems.
Then there's always the USB infection route. An unwitting user inserts a USB stick
Re: (Score:2)
If there is an Internet connected switch on the dedicated SCADA network, then it's not air gapped, by definition. Air gapped means there's no wire running from the Internet side to the protected network. Hence, there is an "air gap" in between the two networks.
WCPGW (Score:3)
That's my first reaction: it's one thing to set up a virtual environment and pen-test it; rather another to test systems which are currently making sure nuclear plants are running properly and fully failsafed.
Maybe I'm just paranoid 'cause I'm reading "Wolves eat Dogs," but I sure hope they don't test on an operational plant.
Repeat the lie until it's believed... (Score:2)
Come on guys, nobody is buying it. It can't be that after Iraq and the WMDs, or Benghazi, that people know we are flat out liars. MORE PROPAGANDA!
The threat of North Korea! (Score:3, Funny)
Kim Jong now has the 1337 haxor skillz to set a Sony alarm clock to go off at any time he chooses!
We're doomed!
In regard to (Score:1)
I'm not advocating that the bombs should be falling, however, if North Korea has been confirmed as being responsible for the attack on Sony and now appears to be making terroristic threats against American allies then why has there been no response from the U.S.? Sanctions or something!
A foreign nation has attacked a U.S. company on U.S. soil and has caused financial loss to that company and is threatening the lives of those associated with that company. Now, North Korea is making direct threats against th
Re: (Score:2)
We don't attack NK because they have enough bunkers on the North side of the DMZ to destroy Seoul. The bunkers are deep, and they could pound on Seoul with artillery for days before we could destroy all of them.
Oh yeah, and China would threaten us with war.
Protecting US power stations (Score:1)
A Quartz article [qz.com] says the DHS accidentally released more than 800 pages "demonstrating how easy it was to hack elements in power and water systems."
The article says the DoD bought devices that would protect power plants from attack:
“DOD bought several of the iGR-933, they bought them to give them away to utilities with critical substations,” Weiss said. “Even though DOD was trying to give them away, they couldn’t give them to any of the utilities because any facility they put them in would become a ‘critical facility’ and the facility would be open to NERC-CIP audits.”
Assuming this article is accurate (I don't know how power stations work), I hope the new Congress will care enough about security to force utilities to secure themselves. I'm not holding my breath, though.
Nukes should already be hardened (Score:2)
For example, nuclear-grade UPS systems typically offer a feature such as the following: "Digital logic free. 100% analog control with fully verified behavior. No need for expensive and time consuming software verification"
Similar