unlikely

Routers get shipped en mass pre-configured with standard corporate (known by many, easily cracked) passwords. Rarely are they changed.

SCADA isn't designed for ANY network attachment. Any security on it is an afterthought, and rarely works. The vast majority of our electrical infrastructure, chemical plants, manufacturing plants, etc, are run from off the shelf SCADA components which are not intended to be connected to the back-office network.

And they always connect it so the engineers can work remotely and the back-office people can get ongoing automated reports. Which in turn allows malware to attack them, and the malware is SIMPLE.

You work in the office. You hear all the good things that the managers are reporting. I work in the tranches. I see what they are not.

Your daily lookers are too busy fighting fires, and they don't have access to the proprietary underlying SCADA code to fix it anyway. They try to sandbox it via routers and firewalls, but it is piecemeal, and doesn't work.

Post #344,769 by beepster 7/13/11 10:42:39 AM Reply	unlikely those things are being looked for...daily...but some very very smart folks. Sure, understanding today's complex world of the future is a little like having bees live in your head. But...there they are.
Post #344,771 by boxley 7/13/11 1:39:12 PM Reply	scada is p0wned Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 55 years. meep
Post #346,201 by crazy 8/15/11 1:43:23 PM Reply	Not a chance Routers get shipped en mass pre-configured with standard corporate (known by many, easily cracked) passwords. Rarely are they changed. SCADA isn't designed for ANY network attachment. Any security on it is an afterthought, and rarely works. The vast majority of our electrical infrastructure, chemical plants, manufacturing plants, etc, are run from off the shelf SCADA components which are not intended to be connected to the back-office network. And they always connect it so the engineers can work remotely and the back-office people can get ongoing automated reports. Which in turn allows malware to attack them, and the malware is SIMPLE. You work in the office. You hear all the good things that the managers are reporting. I work in the tranches. I see what they are not. Your daily lookers are too busy fighting fires, and they don't have access to the proprietary underlying SCADA code to fix it anyway. They try to sandbox it via routers and firewalls, but it is piecemeal, and doesn't work.
Post #346,204 by beepster 8/15/11 2:10:18 PM Reply	Actually In general, I would agree..what I'm referencing is not in general. No more can be said here. Not talking to the managers. Talking to the engineers. Sure, understanding today's complex world of the future is a little like having bees live in your head. But...there they are.
Post #346,231 by crazy 8/15/11 10:17:58 PM Reply	Hey, maybe you've seen a decent implementation But you know the vast open sea of SCADA installed base, just waiting to be hacked, isn't going away.
Post #346,244 by beepster 8/16/11 7:02:53 AM Reply	Yes I have, and yes I know.. ...and hopefully they will go away...need to keep busy;-) Sure, understanding today's complex world of the future is a little like having bees live in your head. But...there they are.

Welcome to IWETHEY!