Ars Technica - Computer intrusion inflicts massive damage on German steel factory
A German steel factory suffered significant damage after attackers gained unauthorized access to computerized systems that help control its blast furnace, according to a report published Friday by IDG News.
The attackers took control of the factory's production network through a spear phishing campaign, IDG said, citing a [pdf] report published Wednesday by the German government's Federal Office for Information Security. Once the attackers compromised the network, individual components or possibly entire systems failed.
(Score: 3, Interesting) by sjames on Saturday December 20 2014, @07:50PM
Apparently, the plant was dependent on the network functioning to operate the furnace. They were left with no choice but to hit the big red button and accept that there would be severe damage as a result. It seems that there was no alternative way to shut it down cleanly.
(Score: 5, Insightful) by frojack on Saturday December 20 2014, @08:15PM
It seems that there was no alternative way to shut it down cleanly.
There probably was.
It's just that they became totally dependent on the computers, and nobody could even remember the sequences of manual controls that the programmers used when they wrote the software. Somewhere, long forgotten, there probably lies a manual, covered in dust, and buried under stacks of other old manuals that dictates the steps for shutting down the furnace, disconnecting it from a failing control system. They would probably have to call in some retired geezer to help them out, but nobody remembered his name.
Big systems are entirely too dependent on computers these days.
No, you are mistaken. I've always had this sig.
(Score: 3, Informative) by LoRdTAW on Saturday December 20 2014, @09:24PM
I bet they gutted the old manual controls and went 100% digital. Once you shut the PLC/computer down how else are you going to tell a valve manifold on a profibus connection to shut down? Everything is connected via field buses nowadays.
(Score: 4, Funny) by LoRdTAW on Saturday December 20 2014, @09:38PM
Hit post before I was finished.
Computers do make things better. I work on some old 60's/70's machines and they have large control cabinets full of dozens of relays, timers, terminal blocks and worst of all, custom PCBs and antiquated logic relays that you can't find because only a handful were made and the manufacturer is long gone. Then add to that the bundles of wires the thickness of my arm running all throughout the machine to multiple junction boxes with even more terminal blocks. Finding a problem requires a multimeter, giant schematic prints and patience. Often you have to work around things like missing wire tags, goofy patches and repairs that bypassed broken wire runs which aren't labelled. My favorite: the jumper lead that is clipped between some wires or terminals and never documented. They just clipped it in here to get the machine back up and running thinking "I'll just repair this when I get some time" and it never happens.
A PLC or computer eliminates most of the bulky relays and some custom PCB stuff while field buses reduce arm-thick bundles of wires to a single fieldbus cable and a power cable or two. You go from multiple refrigerator sized cabinets side by side to a much smaller enclosure. Very compact, very convenient and easy to adjust. Problems? Most of the time you plug in a laptop and see what is wrong.
(Score: 0) by Anonymous Coward on Sunday December 21 2014, @03:46AM
I get the very strong idea that this should be done with something like a dedicated Arduino design. Something small and dedicated. Something with the whole shebang all programmed and ready-to-go can be stocked as a replacement item. And have it read-only as far as the 'net is concerned. It's easy enough to pipe information directly into the Arduino via I2C bus. I could see a TCP/IP port on it so one could telnet into it and retrieve status blocks, but that would be about all one could do. Its function would be primarily to control the furnace, not make pretty eye candy for the management presentations. The computers reading the status blocks can do that.
I have seen way too much industrial stuff getting so complex that it's all one can do to just get it to run, much less understand exactly what it is internally doing.
In this day of all sorts of intellectual property protection, stuff is deliberately made so you will have to spend an inordinate amount of time and break all sorts of copyright law to learn how it works. One is only expected to use it. Not fix it. Or understand it enough to optimize it.
I am using my own design of Arduino compatibles presently for controlling refrigeration systems.
I see nothing wrong with using multiple systems running in parallel if one is concerned about severe ramifications of failure, so that if one system loses its mind, the others take over.
My own take is that industrial controls, like both Windows and Linux, are growing way too big for their britches. They have lost the simplicity and understanding that makes it possible to know if the machine is misbehaving and how to fix it if it does.
(Score: 2) by frojack on Sunday December 21 2014, @05:36AM
I have seen way too much industrial stuff getting so complex that it's all one can do to just get it to run, much less understand exactly what it is internally doing.
Well it was Germany.
So that guarantees 46 layers of indirection via tables within tables, and complex interconnections, any one of which is only used on Tuesdays, and only if it is raining. Maintenance is built into the sales price for the first 4 years, after that you have to order parts from their Brazil field office, paying up front with your first born.
Overly Complex and finicky is their middle name.
No, you are mistaken. I've always had this sig.
(Score: 2) by VLM on Sunday December 21 2014, @09:50PM
If we're going to make German jokes, combining your theory with my theory, and the plot of at least two decades old movies, see, millions of billets of raw steel go thru the steel mill every year, and with typical German precision they all come out as perfectly shaped, glowing red hot construction I-beams that are 10.000000 meters long. Maybe more decimal places. But being red hot, they've expanded and thus shrink when they cool. So when the trucks leave, they're shipping out 9.999999 meter long steel I-beams not ten meter long I-beams.
Now what happens to all those tiny slivers of steel, because we put in 10 meters of raw billet and get 9.999 meter I-beams? Well all those fractions add up. So when they ship out an I-beam, we're going to load those slivers of steel into our material account. We're not really stealing because it's just a sliver of a millimeter at a time, you know. I'm trying to impress this waitress chick I met at Oktoberfest and she hates her job because they make her wear flair, just like Hitler made the juden wear flair on their uniform, but ... Oh wait channeling Office Space again. I swear I worked at a place like that in the early 00s.
Anyway they downsized the firewall guy and took away his red stapler so he's willing to put our "special" software patch in via the SCADA network, which much like the laser printers, is connected directly to the internet (anyone else from the 90s remember printing to random people's printers over the internet of the era? I never did anything horrible, although I actually did accidentally print to other people's "shared" printers a couple times... it was an early 90s thing).
So I'm just saying millions of thin little pieces of steel add up to enough to make another Eiffel Tower after awhile, and now they gotta cover it up or else it's PMITA prison time, blah blah you seen the movie too. And for the F of it let's smash up an old laser printer because "PC LOAD LETTER" to gangster rap, because that was cool for middle aged white guys a long time ago. Or was it just painfully embarrassing, not cool? Oh yeah the latter, definitely the latter.
(Score: 2, Informative) by Anonymous Coward on Sunday December 21 2014, @04:17PM
I work on a related aspect of the steel production industry.
You can't shut down a blast furnace quickly. Most things that you can do to the furnace take 8-24 hours before you see an effect. Shutdown and startup procedures are on the higher end of that. In addition, a blast furnace is an EXTREMELY dangerous place to be when anything isn't working properly.
Shutting off the air supply and letting the furnace freeze up is an expensive but reasonable choice under the circumstances.
(Score: 2) by HiThere on Sunday December 21 2014, @07:22PM
All the more reason for an air gap...and that means no wifi or bluetooth control either.
Yeah, I'm not sure a manual shutdown is a good idea, but the control system should not be remotely accessible, and it should probably have a manually switchable backup system in place. (I'm guessing about the relative cost of a blast furnace and its control system, but I think it's a pretty reasonable guess.)
Of course, the backup controls mean you need a decent way to tell that they are working, so an automatic switch between systems every time you restart the system seems reasonable. Or perhaps every week, with someone standing by watching the meters so they can do the manual switch if necessary.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by carguy on Sunday December 21 2014, @04:05AM
One possibility I haven't seen yet (just read the ars comments as well as here)--
What if the steel factory operators f**ked up and caused the problem internally. Then, they decided they needed to cover their ass so they blamed it on attackers coming in over the network?
(Score: 3, Insightful) by VLM on Sunday December 21 2014, @12:30PM
If we're going to toss in conspiracy theories, another is the plant was gonna go bankrupt in 6 months anyway due to financialization structure or technological obsolescence or a design mistake, but if they can cover it up they won't lose their jobs. Perhaps the .gov would even reimburse them under some vague terrorism reimbursement thingy, if not outright, maybe an ultra low interest rate rebuilding loan. So management stuck the controls on the internet knowing the plant won't last long.
Something that makes me very nervous about my local nuclear power plant is the executive mgmt used to live more or less downwind, so I trusted they wouldn't intentionally do anything dumb. Then some mergers and the owners live in another nearby state. Then some more wheeling and dealing (and increasing prices of course) and now the plant is owned across the country by people who basically won't be affected in a meltdown. So a little more nervous now. This is related to the above paragraph, a simple regulatory way to enforce security would be to put the executive parking lot or maybe exec offices right underneath the furnace, or immediately downwind of a chemical plant or nuke plant. That would provide a little motivation for a typical slacker executive to at least try and make things safe.
(Score: 3, Interesting) by carguy on Sunday December 21 2014, @09:25PM
...put the executive parking lot or maybe exec offices right underneath the furnace,...
The ancients might have had the right idea? Before there were licensed/professional structural/civil engineers, one of my college profs claimed that the architect/mason had to be inside the cathedral when the wooden construction supports were removed. Might explain why many medieval stone buildings have survived, although these days we might say they were overbuilt.