Wednesday, February 2, 2011

SCADA: A Clear and Present Danger

Supervisory Control and Data Acquisition (SCADA) systems are industrial control systems: computer systems that monitor and control industrial, infrastructure, or facility-based processes. Industrial processes include those of manufacturing, production, power generation, fabrication, and refining. Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defense siren systems, and large communication systems. These systems were designed as devices that triggered automatically, detected a particular problem and simply reported information back. The alarm and information were originally transmitted over a telephone line.

Currently, the main vulnerabilities of SCADA systems come from the fact that we've taken something of very limited control and have now connected it to an internet that is accessible by other people. The bottom line is that more people have access to the SCADA system than was ever intended.

To keep SCADA systems cost-effective, special-purpose operating systems are no longer built for them. Standard vendor operating systems, which bring additional well-known vulnerabilities, are now in place. So now we have systems that are well understood by enemies of the state, connected to the internet, but still providing a rather critical function in the current infrastructure. There were protections around SCADA systems for a long time. Now holes have been poked in those walls to give us more cost-effective access to those SCADA systems, with all of the vulnerabilities that entails.

Over the past decade, software vulnerabilities have been detected and reported privately and through the media. Several common misconceptions led people to regard these systems as secure, giving the public a false sense of safety.

The first misconception was that the SCADA system resides on a physically separate, stand-alone network. These systems were originally built before and often separate from other corporate networks. As a result, IT personnel typically operated on the assumption that these systems cannot be accessed through corporate networks or from remote access points. Unfortunately, this belief is, for the most part, fallacious.

The second misconception was that connections between SCADA systems and other corporate networks are protected by strong access controls. Many of the interconnections between corporate networks and SCADA systems require the integration of systems with different communications standards. The result is often an infrastructure that is engineered to move data successfully between two unique systems. Due to the complexity of integrating disparate systems, network engineers often fail to address the added burden of accounting for security risks.

The third misconception was that SCADA systems require specialized knowledge, making them difficult for network intruders to access and control. This misconception assumes that all attackers of a SCADA system lack the ability to access information about their design and implementation. These assumptions are inappropriate given the changing nature of utility system vulnerabilities in an interconnected environment. Because utility companies represent a key component of one of the nation’s critical infrastructures, these companies are likely targets of coordinated attacks by “cyber-terrorists”, as opposed to disorganized “hackers.” Such attackers are highly motivated, well-funded, and may very well have “insider” knowledge. Further, a well-equipped group of adversaries focused on the goal of utility operations disruption is certain to use all available means to gain a detailed understanding of SCADA systems and their potential vulnerabilities.

I recently received correspondence from an individual (whom I will refer to as ‘RD’) who is convinced that the government is attempting to suppress many of the SCADA vulnerabilities by quieting whistleblowers. The information offered may be pure speculation, but there is a reason why RD has taken on this personal crusade…RD sincerely believes his brother was executed because of what he knew.

The following is the letter from RD. I have edited some of the wording simply because of RD’s understandable passion:

"I believe that the murder of John P. Wheeler III was a planned surgical hit. Wheeler was a Former Special Assistant to the Secretary of the Air Force, Member of Council on Foreign Relations. At the time of his death, he was working as a consultant for the Mitre Corporation. Mitre performs Information Technology work for several Federal Agencies, including Defense and Homeland Security departments."

"Wheeler was very concerned that the Pentagon had not taken the threat of a cyber attack seriously, and he was trying to convince certain individuals of these threats. He stated that the United States is definitely not prepared to defend itself against a well orchestrated cyber network attack, and the results could be beyond devastating! I would be willing to go even further and say, that Wheeler was trying to get the attention of the right people, to understand how these cyber attacks could be carried out, by using the SCADA Network Operating Systems. SCADA is used nationwide to link network data control to all public utility, law enforcement, emergency, transportation and distribution services and technologies. This includes all National Defense, Military and Space Program Operations."

"The average American has no idea how deep this goes, and has no idea of the damage that can be done by a Cyber SCADA attack. Neighbor will be killing neighbor in order to get the last of their stockpiled food and water. The movie ‘Road Warrior’ is exactly what the outcome would be like! They will shut down all utility services and cripple gas, food, and water supply distribution…then imbed their super virus into the software. No one could possibly get everything back to full operational condition again, for at least six months to a year...."


THE DEATH OF JOHN P. WHEELER III

The body of John P. Wheeler III, a decorated US Army officer, was found dumped in a Delaware landfill on New Year’s Eve day, a few days after he expressed concern that the nation wasn’t adequately prepared for cyber warfare, according to news reports following the bizarre whodunit.

Events surrounding the murder of Wheeler, who most recently worked part-time for defense contractor Mitre Corporation on cyber defense topics, read like a Tom Clancy novel. The 66-year-old worked for three Republican administrations, was special assistant to the Secretary of the Air Force, served in the office of the Secretary of Defense, and penned a manual on the effectiveness of biological and chemical weapons, which urged US forces to show restraint.

The day after Christmas (five days before his body was found as it was being dumped from a trash truck into the Cherry Island Landfill in Wilmington), Wheeler sent longtime friend Richard Radez an email expressing concern that the US wasn’t sufficiently prepared for “cyber warfare,” according to The Associated Press.

“This was something that had preoccupied him over the last couple of years,” Radez told the news organization.

Wheeler’s focus on computer warfare, and his ties to Mitre, have already attracted conspiracy theories involving the military industrial complex, but there are plenty of other intriguing details that don’t immediately fit into such a plot.

Among them are revelations that Wheeler was seen on December 29 and 30 in a “confused and disoriented” state in downtown Wilmington. During that last appearance, which occurred some 14 hours before his body was discovered, he was wandering inside an office building a few blocks from an attorney who was handling a contentious lawsuit Wheeler filed to stop neighbors from building a home near his. He refused help from several people who approached him.

A day earlier, he approached a parking garage attendant “wearing a black suit with no tie and only one shoe,” according to the AP report. He carried the missing shoe in his hand and wore no overcoat, despite the frigid temperature. He told the attendant he had been robbed of his briefcase and said repeatedly he wasn’t drunk.

To further the intrigue, Delaware police have reportedly found evidence that Wheeler may have been involved in an attempted arson on the same neighbors he was suing. The attempted arson on December 28 came after someone tossed several smoke bombs used for rodent control into the neighbors’ house, scorching the floors.

What’s more, the AP has reported that yellow police evidence tape was seen surrounding two wooden chairs in Wheeler’s kitchen, where several wooden floorboards were missing, even though Delaware police have said the victim’s home is not considered a crime scene. A neighbor, according to Examiner.com, said Wheeler’s television blared continuously in the days preceding his death.

Those details, combined with the fact that someone went to considerable effort to hide Wheeler’s body in a trash dumpster in nearby Newark, Delaware, would suggest the homicide wasn’t a random mugging. - uncompiled.com / theregister.co.uk

THE LETTER CONTINUES...

"My brother worked as a water treatment plant operator and he discovered secret plans by our (shadow) government, to launch this cyber attack. Water treatment plants across the country all have a SCADA building, and certain individuals are trained by our own government to operate the systems within these SCADA buildings. Unfortunately most of these individuals are dedicated radical Islamic Muslims! Just like the individuals trained by our own government, for the 911 attacks and pre-set demolition charges. When the planes were crashing into the World Trade Center Buildings, the SCADA operators locked down the building, at the Water Department and held a party. The following morning, when they finally unlocked the doors and were heading out to go home, they were shouting “death to Americans” and “you stupid Americans brought this upon yourselves”. My brother was there and he was shocked at this activity, especially since his supervisors and the superintendent never even took disciplinary action against these people."

"My brother worked for the water department for 28 years, and he died just three months after his retirement. He was suffering from an illness that no doctor could (or would) diagnose. He became deathly ill about five months before his retirement date. Six weeks before his death, he asked me to promise him, that I would seek justice for his death, should he die from his mystery illness. He said that he knew for a fact, someone was trying to kill him. He wasn’t sure if they were using viral (bacterial), chemical (poisons), or possible biological (germ warfare grade) agents to accomplish their slow kill assassination mission. I will not get into the details of his autopsies, other than to say the Medical Examiner working for the same public officials as the water department, declared his death was from natural causes. The private pathologist we hired for a second autopsy stated that the cause of his death was “inconclusive”!"

"There is no doubt in my mind and all of the other family members, that my brother was murdered, just like John P. Wheeler III. All of my brother’s close friends are certain of his murder as well. My brother was trying to warn people about the impending cyber attack being planned by the SCADA operators. I am guessing that is exactly the same mission Mr. Wheeler was working on. We have to find a way to make their SCADA cyber attack plans be known to the public."

"I desperately need to get the word out there. My life is being threatened on a regular basis and I am now being stalked by the government for my attempts to research my brother’s findings. They are killing the highest profile people in this matter, and I am slowly becoming one myself. I have gone through six different cell phones in order to keep them from tapping my conversations. Many of my family’s phones are tapped, and so are my friends’ phones." - RD


I know some will say that I’m making light of a person’s rambling during a time of grief, but it has been proven that the SCADA system has serious problems that need to be addressed sooner rather than later. The public is entitled to know how secure they really are despite those who say that the best policy is to not cause public panic. But let’s be honest, manufactured fear (i.e., the Terrorist Warning Alert and Iraq’s WMD lies) is one thing…actual clear and present danger is another.

NOTE: SCADA vulnerability updates can be found on the National Vulnerability Database. The recent Stuxnet threat has cast a light on SCADA security issues...just look at the current situation in Iran - Stuxnet Could Trigger Atomic Calamity, Intel Report Warns. You may also be interested in the following links in reference to suspicious deaths of whistleblowers - Former KGB Agent Claims Dr. David Kelly Was 'Exterminated', Dr. David Kelly Post-Mortem Ordered Buried For 70 Years. Election Fraud Witness Against Rove and GOP Dies In Plane Crash and First, Mike Connell...Now, Beverly Eckert...Lon

Videos: Staged cyber attack reveals vulnerability in power grid; Cyber War - Consequences

Sources:
www.pbs.org – Frontline: Cyber War!
www.notanotherconspiracy.com – SCADA Systems
www.iwar.org.uk – Understanding SCADA System Vulnerabilities
www.sersc.org
www.scadasecurity.org – The Open SCADA Security Project
www.blackhat.com – SCADA Security: We’re Not Crying ‘Wolf’
volokh.com – The Volokh Conspiracy
www.uncompiled.com
www.washingtonpost.com – TVA Power Plants Vulnerable to Cyber Attacks
www.networkworld.com – Experts Hack Power Grid in No Time
www.informationweek.com – CIA Admits Grid Attacks Possible
www.bcit.ca – Industrial Cyber Security
www.nytimes.com – When Computers Attack
www.whistleblower.org
www.theregister.co.uk
www.securitymagazine.com