RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]

Fri, 15 Aug 2003 16:33:13 -0700

Title: RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]

It wasn't. Say some luser with an unpatched/compromised laptop connected to the network. *poof*

What I have more trouble believing is that a single workstation/controlstation would allow a large enough change to a power plant to cause an effect like this.

In an ideal world, doing something like shuting down the whole power station would be like firing a nuke: You need two people with keys, they're too far apart for one person to do it by themself, etc.

Just my $.02.

Joshua Thomas
Network Operations Engineer
PowerOne Media, Inc.
tel: 518-687-6143
[EMAIL PROTECTED]

-----Original Message-----
From: gml [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 15, 2003 4:50 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]


I can't image that anything really important would be connected to the
internet.  Then again who knows right.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, August 15, 2003 3:41 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] east coast powergrid / SCADA [OT?]

At least on the west coast they do not, I think the requirements of the
systems are way out of Microsoft's range. Lot's and Lot's of Unix

-----Original Message-----
From: Michael Scheidell [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 15, 2003 11:36 AM
To: tetsujin
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] east coast powergrid / SCADA [OT?]


>
> Paller said it is "highly unlikely" that the process control computers

> behind critical infrastructure like power in the United States would
> run on the Windows operating system.

well, ONTARIO HYDRO does seem to have SOME windoes boxes.. at least here
is one that appears to have been infected with slammer:

http://www.hackertrap.net/LID.pl?IID=39335068

(Aug 9th through the 12th?)


--
Michael Scheidell, CEO
SECNAP Network Security, LLC
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Looking for a career in Internet security?
http://www.secnap.net/employment/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to