Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday December 20 2014, @06:47PM   Printer-friendly
from the hope-nobody-was-hurt dept.

Ars technica - Computer intrusion inflicts massive damage on German steel factory

A German steel factory suffered significant damage after attackers gained unauthorized access to computerized systems that help control its blast furnace, according to a report published Friday by IDG News.

The attackers took control of the factory's production network through a spear phishing campaign, IDG said, citing a [pdf] report published Wednesday by the German government's Federal Office for Information Security. Once the attackers compromised the network, individual components or possibly entire systems failed.

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Informative) by Anonymous Coward on Saturday December 20 2014, @06:49PM

    by Anonymous Coward on Saturday December 20 2014, @06:49PM (#127786)

    I used to do industrial control system software - HMI/SCADA. One reason I don't anymore, is that our customers would do stupid things like put high-pressure gas pipelines on the Internet.

    • (Score: 0) by Anonymous Coward on Saturday December 20 2014, @07:02PM

      by Anonymous Coward on Saturday December 20 2014, @07:02PM (#127788)

      Was it? (No, of course I didn't RTFA.)

      Air gap only helps so much as we've seen with Stuxnet. Can't fix stupid. Or at least you need Skynet to try and do so...

      Also, was it a Siemens SCADA?

    • (Score: 1, Interesting) by Anonymous Coward on Saturday December 20 2014, @07:05PM

      by Anonymous Coward on Saturday December 20 2014, @07:05PM (#127789)

      > Why Was a Blast Furnace On the Internet?

      Because some people have to learn the hard way. Network connectivity brings the bad with the good, remote monitoring and control is something that benefited the company every single day. They just never conceived of the downside until it happened to them. It is going to take a few more examples like this before the industry really comes to grips with the fact that everything comes with a price.

      Similarly, maybe the Sony hack will have some effect on the "collect it all" attitude of non-industrial companies. Hackers can't steal what isn't on the net, so time to start prioritizing what data really needs to be electronic at all as well as what data should just be expired to offline storage.

      • (Score: 0) by Anonymous Coward on Saturday December 20 2014, @07:42PM

        by Anonymous Coward on Saturday December 20 2014, @07:42PM (#127801)

        " It is going to take a few more examples like this before the industry really comes to grips with the fact that everything comes with a price."

        Just say NO to IoT marketing insanity.

    • (Score: 3, Insightful) by LoRdTAW on Saturday December 20 2014, @09:42PM

      by LoRdTAW (3755) on Saturday December 20 2014, @09:42PM (#127841) Journal

      How else is management supposed to get reports emailed to them daily, which they ignore but insisted were necessary? What if the boss tells you: I want to see production in real-time from my living room when I don't come in? I want to be able to see my bank account grow before the checks are cashed etc.?

      Oh wait, never mind. I feel your pain.

    • (Score: 3, Funny) by davester666 on Sunday December 21 2014, @03:37AM

      by davester666 (155) on Sunday December 21 2014, @03:37AM (#127908)

      You have to use high-pressure pipes on the internet, because data traffic keeps increases every year, and it gets more and more expense to keep laying bigger and bigger pipes. Between laying new pipes, they increase pressure to get more throughput.

    • (Score: 0) by Anonymous Coward on Sunday December 21 2014, @06:32AM

      by Anonymous Coward on Sunday December 21 2014, @06:32AM (#127938)

      Wait until cars start getting hacked while they drive down the highway... from news out of defcon it would seem that auto manufacturers are ill equipped and foolhardy when it comes to computer network security. At least Ford got rid of Microsoft in their cars.. that goes some of the way to solving the problem... :p

    • (Score: 3, Insightful) by Runaway1956 on Sunday December 21 2014, @07:47AM

      by Runaway1956 (2926) Subscriber Badge on Sunday December 21 2014, @07:47AM (#127953) Journal

      I clicked the link to ask the same question.

      I don't blame the hackers, as much as I blame incompetent managers making idiot policy decisions.

      The random hacker might be forgiven for failing to understand how destructive his play is. A plant manager is EXPECTED to understand the consequences of his decisions.

      "Hey, Bob, I was thinking - if we put ALL OUR SHIT on the internet, we can keep track of it from home, or on the road!"
      "Great idea, Jim. All in favor of exposing our operations to every major and minor criminal on the planet, say "AYE"!"

  • (Score: 2) by frojack on Saturday December 20 2014, @07:08PM

    by frojack (1554) on Saturday December 20 2014, @07:08PM (#127791) Journal

    When are people going to learn. Even the front office does not need access to the industrial equipment network.
    I think we should all start asking questions of our local governments and maybe even our employers where dangerous stuff is involved.

    Oh, and:
    It turns out that Sony attack was a Microsoft SMB attack.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 0) by Anonymous Coward on Saturday December 20 2014, @09:38PM

      by Anonymous Coward on Saturday December 20 2014, @09:38PM (#127837)
      The workstations that had the 'skull' messages displayed on them were running Linux.
    • (Score: 2) by Nerdfest on Saturday December 20 2014, @09:39PM

      by Nerdfest (80) on Saturday December 20 2014, @09:39PM (#127839)

      Convenience and profit (short term) trump security in almost all cases.

      • (Score: 2) by frojack on Sunday December 21 2014, @12:32AM

        by frojack (1554) on Sunday December 21 2014, @12:32AM (#127862) Journal

        Except security costs so LITTLE....

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 0) by Anonymous Coward on Sunday December 21 2014, @01:23AM

          by Anonymous Coward on Sunday December 21 2014, @01:23AM (#127865)
          No, it doesn't.
  • (Score: 2) by Gravis on Saturday December 20 2014, @07:40PM

    by Gravis (4596) on Saturday December 20 2014, @07:40PM (#127800)

    poor security practices result in poor security. when will the world learn?

    • (Score: 0) by Anonymous Coward on Saturday December 20 2014, @08:15PM

      by Anonymous Coward on Saturday December 20 2014, @08:15PM (#127811)

      > when will the world learn?

      When there is a lot of money on the line.
      Looks like they are just realizing that a lot of money is on the line.
      That means the field of securing scada systems is going to be very lucrative very soon. All you greybeards get your resumes ready.

      • (Score: 0) by Anonymous Coward on Sunday December 21 2014, @10:14AM

        by Anonymous Coward on Sunday December 21 2014, @10:14AM (#127985)

        From the article:

        The attack used spear phishing and sophisticated social engineering techniques to gain access to the factory’s office networks, from which access to production networks was gained. Spear phishing involves the use of email that appears to come from within an organization. After the system was compromised, individual components or even entire systems started to fail frequently.

        This wasn't purely a failure of technology.

        This also had a lot to do with people trying to be co-operative and "look good" to managers.

        No-one wanted to appear disobedient to authority. People with that obedient mentality are especially vulnerable to being hijacked, just like machines are vulnerable. They don't question or think - they just do as they are told.

        I would be hard pressed to say I would not fail under similar circumstances.

        In many cases, I can verify I have a bogus email... I even posted a couple of them here a couple of days ago, so if any here wanted to see a typical phishing attempt, those were typical examples.

        However, had these emails come from a business I was doing business with, I would have likely opened those attachments.

        And that is why I regard sending someone filetypes known to be used to harbor viral attacks about the same as sending a soiled condom.

        This whole failure mechanism was made possible by the ignorance of those unwittingly pulled into this. Had they known what the code was they were feeding their machine, they would had the same reaction as a mother being asked to feed rat poison to her baby.

    • (Score: 2) by Thexalon on Saturday December 20 2014, @10:26PM

      by Thexalon (636) on Saturday December 20 2014, @10:26PM (#127848)

      when will the world learn?

      When security failures are commonplace enough that an individual manager who ignores security risks will be likely to have negative consequences for doing so within their time in authority. Otherwise, it's extremely tempting to skimp on security, maintenance, and other routine expenses to make an individual manager look good, with the knowledge that they'll probably be in a different position or department before the consequences of those decisions come home to roost.

      --
      The only thing that stops a bad guy with a compiler is a good guy with a compiler.
  • (Score: 3, Interesting) by sjames on Saturday December 20 2014, @07:50PM

    by sjames (2882) on Saturday December 20 2014, @07:50PM (#127803) Journal

    Apparently, the plant was dependent on the network functioning to operate the furnace. They were left with no choice but to hit the big red button and accept that there would be severe damage as a result. It seems that there was no alternative way to shut it down cleanly.

    • (Score: 5, Insightful) by frojack on Saturday December 20 2014, @08:15PM

      by frojack (1554) on Saturday December 20 2014, @08:15PM (#127812) Journal

      It seems that there was no alternative way to shut it down cleanly.

      There probably was.

      Its just that they became totally dependent on the computers, and nobody could even remember the sequences of manual controls that the programmers used when they wrote the software. Somewhere, long forgotten there probably lies a manual, covered in dust, and buried under stacks of other old manuals that dictates the steps for shutting down the furnace, disconnecting it from a failing control system. They would probably have to call in some retired geezer to help them out, But nobody remembered his name.

      Big systems are entirely too dependent on computers these days.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 3, Informative) by LoRdTAW on Saturday December 20 2014, @09:24PM

        by LoRdTAW (3755) on Saturday December 20 2014, @09:24PM (#127834) Journal

        I bet they gutted the old manual controls and went 100% digital. Once you shut the PLC/computer down how else are you going to tell a valve manifold on a profibus connection to shut down? Everything is connected via field buses nowadays.

      • (Score: 4, Funny) by LoRdTAW on Saturday December 20 2014, @09:38PM

        by LoRdTAW (3755) on Saturday December 20 2014, @09:38PM (#127838) Journal

        Hit post before I was finished.

        Big systems are entirely too dependent on computers these days.

        Computers do make things better. I work on some old 60's/70's machines and they have large control cabinets full of dozens of relays, timers, terminal blocks and worst of all, custom PCB's and antiquated logic relays that you cant find because only a handful were made and the manufacturer is long gone. Then add to that the bundles of wires the thickness of my arm running all throughout the machine to multiple junction boxes with even more terminal blocks. Finding a problem requires a multimeter, giant schematic prints and patience. Often you have to work around things like missing wire tags, goofy patches and repairs that bypassed broken wire runs which aren't labelled. My favorite: the jumper lead that is clipped between some wires or terminals and never documented. They just clipped it in here to get the machine back up and running thinking "Ill just repair this when I get some time" and it never happens.

        A PLC or computer eliminates most of the bulky relays and some custom pcb stuff while field buses reduce arm-thick bundles of wires to a single fieldbus cable and a power cable or two. You go from multiple refrigerator sized cabinets side by side to a much smaller enclosure. Very compact, very convenient and easy to adjust. Problems? Most of the time you plug in a laptop and see what is wrong.

      • (Score: 0) by Anonymous Coward on Sunday December 21 2014, @03:46AM

        by Anonymous Coward on Sunday December 21 2014, @03:46AM (#127912)

        I get the very strong idea that this should done with something like a dedicated Arduino design. Something small and dedicated. Something with the whole shebang all programmed and ready-to-go can be stocked as a replacement item. And have it read-only as far as the 'net is concerned. Its easy enough to pipe information directly into the Arduino via I2C bus. I could see a TCPIP port on it so one could telnet into it and retrieve status blocks, but that would be about all one could do. Its function would be primarily to control the furnace, not make pretty eye candy for the management presentations. The computers reading the status blocks can do that.

        I have seen way too much industrial stuff getting so complex that its all one can do to just get it to run, much less understand exactly what it is internally doing.

        In this day of all sorts of intellectual property protection, stuff is deliberately made so you will have to spend an inordinate amount of time and break all sorts of copyright law to learn how it works. One is only expected to use it. Not fix it. Or understand it enough to optimize it.

        I am using my own design of Arduino compatibles presently for controlling refrigeration systems.

        I see nothing wrong with using multiple systems running in parallel if one is concerned about severe ramifications of failure, so that if one system loses its mind, the others take over.

        My own take is that industrial controls, like both Windows and Linux, are growing way too big for their britches. They have lost the simplicity and understanding that makes it possible to know if the machine is misbehaving and how to fix it if it does.

        • (Score: 2) by frojack on Sunday December 21 2014, @05:36AM

          by frojack (1554) on Sunday December 21 2014, @05:36AM (#127930) Journal

          I have seen way too much industrial stuff getting so complex that its all one can do to just get it to run, much less understand exactly what it is internally doing.

          Well it was Germany.
          So that guarantees 46 layers of indirection via tables within tables, and complex inter connections, any one of which is only used on tuesdays, and only if it is raining. Maintenance is built into the sales price for the firs 4 years, after that you have to order parts from their Brazil field office, paying up front with your first born.

          Overly Complex and finicky is their middle name.

          --
          No, you are mistaken. I've always had this sig.
          • (Score: 2) by VLM on Sunday December 21 2014, @09:50PM

            by VLM (445) Subscriber Badge on Sunday December 21 2014, @09:50PM (#128133)

            If we're going to make German jokes, combining your theory with my theory, and the plot of at least two decades old movies, see, millions of billets of raw steel go thru the steel mill every year, and with typical German precision they all come out as perfectly shaped, glowing red hot construction I-beams that are 10.000000 meters long. Maybe more decimal places. But being red hot, they've expanded and thus shrink when they cool. So when the trucks leave, they're shipping out 9.999999 meter long steel I-beams not ten meter long I-beams.

            Now what happens to all those tiny slivers of steel, because we put in 10 meters of raw billet and get 9.999 meter I-beams? Well all those fractions add up. So when they ship out an I-beam, we're going to load those slivers of steel into our material account. We're not really stealing because its just a sliver of a millimeter at a time, you know. I'm trying to impress this waitress chick I met at Oktoberfest and she hates here job because they make her wear flair, just like hitler made the juden wear flair on their uniform, but ... Oh wait channeling Office Space again. I swear I worked at a place like that in the early 00s.

            Anyway they downsized the firewall guy and took away his red stapler so he's willing to put our "special" software patch in via the SCADA network, which much like the laser printers, is connected directly to the internet (anyone else from the 90s remember printing to random people's printers over the internet of the era? I never did anything horrible, although I actually did accidentally print to other peoples "shared" printers a couple times... it was an early 90s thing).

            So I'm just saying millions of thin little pieces of steel add up to enough to make another eiffel tower after awhile, and now they gotta cover it up or else its PMITA prison time, blah blah you seen the movie too. And for the F of it lets smash up an old laser printer because "PC LOAD LETTER" to gangster rap, because that was cool for middle aged white guys a long time ago. Or was it just painfully embarrassing, not cool? Oh yeah the latter, definitely the latter.

      • (Score: 2, Informative) by Anonymous Coward on Sunday December 21 2014, @04:17PM

        by Anonymous Coward on Sunday December 21 2014, @04:17PM (#128037)

        I work on a related aspect of the steel production industry.

        You can't shut down a blast furnace quickly. Most things that you can do to the furnace take 8-24 hours before you see an effect. Shutdown and startup procedures are on the higher end of that. In addition, a blast furnace is an EXTEMELY dangerous place to be when anything isn't working properly.

        Shutting off the air supply and letting the furnace freeze up is an expensive but reasonable choice under the circumstances.

        • (Score: 2) by HiThere on Sunday December 21 2014, @07:22PM

          by HiThere (866) Subscriber Badge on Sunday December 21 2014, @07:22PM (#128087) Journal

          All the more reason for an air gap...and that means no wifi or bluetooth control either.

          Yeah, I'm not sure a manual shutdown is a good idea, but the control system should not be remotely accessible, and it should probably have a manually switchable backup system in place. (i'm guessing about the relative cost of a blast furnace and its control system, but I think it's a pretty reasonable guess.)

          Of course, the backup controls means you need a decent way to tell that they are working, so an automatic switch between systems every time you restart the system seems reasonable. Or perhaps every week, with someone standing by watching the meters so they can do the manual switch if necessary.

          --
          Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    • (Score: 2) by carguy on Sunday December 21 2014, @04:05AM

      by carguy (568) Subscriber Badge on Sunday December 21 2014, @04:05AM (#127914)

      One possibility I haven't seen yet (just read the ars comments as well as here)--
      What if the steel factory operators f**ked up and caused the problem internally. Then, they decided they needed to cover their ass so they blamed it on attackers coming in over the network?

      • (Score: 3, Insightful) by VLM on Sunday December 21 2014, @12:30PM

        by VLM (445) Subscriber Badge on Sunday December 21 2014, @12:30PM (#127998)

        If we're going to toss in conspiracy theories, another is the plant was gonna go bankrupt in 6 months anyway due to financialization structure or technological obsolescence or a design mistake, but if they can cover it up they won't lose their jobs. Perhaps the .gov would even reimburse them under some vague terrorism reimbursement thingy, if not outright, maybe an ultra low interest rate rebuilding loan. So management stuck the controls on the internet knowing the plant won't last long.

        Something that makes me very nervous about my local nuclear power plant is the executive mgmt used to live more or less downwind, so I trusted they wouldn't intentionally do anything dumb. Then some mergers and the owners live in another nearby state. Then some more wheeling and dealing (and increasing prices of course) and now the plant is owned across the country by people who basically won't be affected in a meltdown. So a little more nervous now. This is related to the above paragraph, a simple regulatory way to enforce security would be to put the executive parking lot or maybe exec offices right underneath the furnace, or immediately downwind of a chemical plant or nuke plant. That would provide a little motivation for a typical slacker executive to at least try and make things safe.

        • (Score: 3, Interesting) by carguy on Sunday December 21 2014, @09:25PM

          by carguy (568) Subscriber Badge on Sunday December 21 2014, @09:25PM (#128127)

          ...put the executive parking lot or maybe exec offices right underneath the furnace,...

          The ancients might have had the right idea? Before there were licensed/professional structural/civil engineers, one of my college profs claimed that the architect/mason had to be inside the cathedral when the wooden construction supports were removed. Might explain why many medieval stone buildings have survived, although these days we might say they were overbuilt.