SecurityFocus 2003-08-19
The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours, despite a belief by plant personnel that the network was protected by a firewall, SecurityFocus has learned.
Slammer worm crashed Ohio nuke plant network
2003-08-20
JeiAr (1 replies)
Slammer worm crashed Ohio nuke plant network
2003-08-20
Dmitriy <maniac (at) angrycube (dot) com [email concealed]> (4 replies)
Slammer worm crashed Ohio nuke plant network
2003-08-20
Anonymous (1 replies)
Slammer worm crashed Ohio nuke plant network
2003-08-21
Anonymous (1 replies)
Slammer worm crashed Ohio nuke plant network
2003-08-20
Anonymous (1 replies)
Slammer worm crashed Ohio nuke plant network
2003-08-20
Anonymous (1 replies)
Microsoft Windows in Mission Critical Environments
2003-08-22
Ryan Lambert (8 replies)
Slammer worm crashed Ohio nuke plant network
2007-05-19
mg (at) alienmicro (dot) com [email concealed]

It's really easy for you to comment about what should or should not have been done by the people at the N-plant. But it seems that none of you have actually worked with these systems.
(1) They are not home-grown but commercial systems, so you have little choice as to the operating system or database. 99% of the vendors write for Microsoft.
(1a) Microsoft is the path of least resistance. The company probably uses Windows for their regular office work, and employees use it at home.
(2) They are usually proprietary systems. If you want to communicate with devices made by company X, you need software made by company X. Even if it uses an "open" protocol, company X will only support their software.
(3) As has been said before, you don't want to risk a patch on a live production system controlling something as critical as a Nuke plant without testing and support from the manufacturer.
(4) Similarly, implementing hardware and software firewalls may conflict with the software. What if the software required RDP? Then obviously you can't use a software firewall to prevent use of that port. What if the software used a proprietary protocol and the company wouldn't tell you what ports it needed? You just don't want to block unknown network ports and shut your plant down.
I'm not saying that the Nuke plant staff was blameless. But some of the blame goes out to the vendor. And some of the blame goes out to Microsoft, because the security holes should not have been there in the first place.
The damage of these MS worms is as much related to the number of unpatched systems out there as it is to the popularity of Windows. If 90% of the computers on the net ran Linux instead of Windows, there'd be the same proportion running unpatched systems vulnerable to some worm or another.
Link to this comment: http://www.securityfocus.com/comments/articles/6767/21760#21760