Robert Lemos, SecurityFocus 2007-05-18
The U.S. House of Representatives' Committee on Homeland Security called this week for the Nuclear Regulatory Commission (NRC) to further investigate the cause of excessive network traffic that shut down an Alabama nuclear plant.
Why Windows?
2007-05-19
Mark (1 replies)
Re: Why Windows?
2007-05-21
Anonymous (1 replies)
Ahh... The classic Windows is broken argument. The truth is, all operating systems are vulnerable. The problem is, everyone runs Windows so that is where the focus is. If everyone ran BSD, I'd wager there would be more BSD vulnerabilities being published.
But, when I read this article, I see that...
Re: Re: Why Windows?
2007-05-22
vinr (1 replies)
Well said. I agree fully the problem here has nothing to do with Windows. It's a lack of error handling on behalf of the engineers and programmers. (Also Un*x is just as vulnerable as Windows)....
Re: Re: Re: Why Windows?
2007-05-24
Anonymous
Very true, error handling is critical in any real time system, but I could not imagine using a standard non-RT OS (Windows, Unix, or any other "consumer" OS) for regulating a nuclear system. This was a PLC, not a do-it-all modified "Windows for Nuclear Reactors". I would think they are using an engin...
"Data storm" blamed for nuclear-plant shutdown
2007-05-20
Anonymous (1 replies)
Why in the WORLD nuclear control computers are connected to the public Internet, even through a firewall, is beyond me....
Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-21
Anonymous (2 replies)
Re: Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-22
Anonymous european consultant
I have been working with European power industry for 3 years and many SCADA systems both for nuclear and waterpower production as well as electrical distribution have indirect internet connections through the internal administrative network. Believe me there is a lot of ignorance and unawareness reg...
Re: Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-22
Anonymous
The more I have seen supposedly "disconnected" networks...the more I am mollified that so few people know what that means. I have *never* seen a network in a plant that was truly disconnected. Always there is some modem, some device, or some other way to communicate with a supposedly isolated ne...
What Windows?
2007-05-21
WRM (1 replies)
I see a lot of systems and a lot of acronyms but no mention of Windows. Thanks for the FUD, dud!
"The integrated control system (ICS) network is not connected to the network outside the plant..."
"The device responsible for flooding the network with data appears to be a programmable logic con...
Re: What Windows?
2007-05-22
Anonymous (2 replies)
This Windows:
In August 2003, nearly 50 million homes in the northeastern U.S. and neighboring Canadian provinces suffered from a loss of power after early warning systems failed to work properly, allowing a local outage to cascade across several power grids. A number of factors contributed to th...
"Data storm" blamed for nuclear-plant shutdown
2007-05-22
0xnull (2 replies)
It appears that Digital Bond needs to take another look at their market. These comments are not only misleading, but serve to spread the typical FUD - fear, uncertainty, and doubt. As a Security Engineer in this space, exploiting a Control System is much more difficult than one is led to believe...
Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-23
p0wer-p3ntester (2 replies)
As an evidently more knowledgeable "Security" professional in the space, I can tell you Control Systems are generally _more_ trivial to exploit than one is led to believe.
However, modern US "reactor protection systems", which do not reside on the Ethernet, would prevent even an "intentional...
Re: Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-29
0xnull
Allow me to restate. A properly secured and engineered control system is very difficult to break into from the public domain. If it were trivial, the toilets wouldn't flush, the lights wouldn't stay on, our food would be suspect and travel (anywhere) would be atrocious.
THAT said, in a test enviro...
Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-24
Anonymous (1 replies)
Then apparently, you haven't tried to exploit these systems. I find that they are far easier to exploit or bring down in some fashion than any PC. A simple port scan by IT has on many occasions caused massive shutdowns in controls environments. Just a little bit of research, and someone could eas...
Re: Re: "Data storm" blamed for nuclear-plant shutdown
2007-05-25
DeMartian
It does state in the article that a simple safe-mode Nessus scan will bring the devices down, so I don't think there is any argument that these devices are written poorly.
It seems that they are able to shut them down manually and restart them and they are ok with that rather than holding the ven...
"Data storm" blamed for nuclear-plant shutdown
2007-06-21
Anonymous
The article clearly stated that a PLC caused the "data storm". Does anybody know the type of PLC: manufacturer and model? I am working to unravel a problem of this very nature, where a critical control system suffered a data storm and the source of the storm is unknown. It does have several PLC'...