The Russians Are Coming! (Nope, Not Really...)

  
  
  

It's widely reported that the initial reports of Russians hacking into an Illinois municipal water system are entirely false.  The allegation was that they had compromised the SCADA system that controls the infrastructure, and caused a pump to malfunction, thereby depriving the good people of Illinois of drinking water, if not actually invading their bodily fluids. As it turns out, it was just a contractor logging into the system while on vacation in Russia.

The fact that this story was false makes it no less interesting from the perspective of trying to understand the vulnerabilities of the information systems that manage our infrastructure, including physical security. 

The first set of questions concerns prevention. Have you actually done anything to prevent hackers from being able to gain access to your security systems? If so, when was the last time those measures were validated or audited? Have you ever had any professional “white hat” hackers actually test the information security around your access or video system? If not, what makes you so sure they are safe?

A second set of questions concerns detection.  How would you know if a spy or hacker logged onto your security system?  Does your system keep any evidence of who logged in, or where they were when they did so? Or would they be able to cover their tracks?  Does your staff regularly monitor access to your control systems?

Finally, what’s the extent of damage that someone could cause by hacking into your security system? Could they get into your building? Could they lock people out? Could they cause a life hazard? How quickly would you be able to recover? Do you have backup systems?

We’ve written before in this space of the need for auditing, geographic redundancy, continuous penetration testing, and avoiding any system architecture that requires you to increase your network exposure by opening ports in your firewall. The potential threat illustrated by foreign hackers has been discussed extensively in connection with our utility grid, but I’m not sure we’ve really taken stock of it in the physical security industry. It’s probably time we did.

The amazing thing about the alleged case in Illinois is that the organization actually detected access to the system from a Russian IP address, and was able to react to it as quickly as they did.  My hat’s off to them.  It’s a good lesson for us all.

- Steve Van Till
