Geoff,
Often any wireless data system is assumed to be "WiFi" and therefore
"vulnerable" with regard to security. Looking at the Synetcom link that
you have posted reveals that:
1. Synetcom makes wireless equipment that interfaces with SCADA systems.
(SCADA systems are typically used to monitor water levels and turn
pumps on and off)
2. Synetcom wireless equipment is available for both licensed and unlicensed
frequencies.
3. The Synetcom wireless equipment is not "WiFi". It uses proprietary
over-the-air modulation and protocols. You can not connect to it using
WiFi equipment.
To summarize - WiFi is wireless but not all wireless is WiFi.
Hope this helps shed a bit more light on possible blackout causes.
I'm still monitoring the news and so far have seen no solid conclusion
about what caused the blackout. My suspicions remain regarding whether
the blackout was intentionally triggered by personnel within the electric power
industry.
Cheers,
jack
Geoff Shively wrote:
> Jack,
> Nope nothing just yet, and I don't expect anyone will.
>
> If you read closely the core of the original email was background
> data on the system I was inquiring about (SCADA/DCS/Infrastrucre
> Control Sys). WiFi Accessibility was simply a point of interest for me
> in this realm of research.
>
> It is interesting, the authoritative data on wifi accessible SCADA/DCS
> systems implemented in and around the united states, particularly southern
> California. (By MDS, Synetcom [http://www.synetcom.com/], WEL
> Associates, and many more).
>
> What I would love to know is if anyone on here has any knowledge of
> the
>
> Cheers,
>
> Geoff Shively, CHO
> PivX Solutions, LLC
>
> http://www.pivx.com
>
> ----- Original Message -----
> From: "Jack Unger" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, August 28, 2003 11:59 AM
> Subject: Re: [SOCALWUG] Power outages related to DCOM Worm, WiFi accessible?
>
> > "WOW" indeed, Scott.
> >
> > Have you come across any AUTHORITATIVE information yet that indicates that
> wireless had
> > ANYTHING to do with the blackout? If so, please share....
> >
> > Thanks,
> > jack
> >
> >
> > [EMAIL PROTECTED] wrote:
> >
> > > WOW
> > >
> > >
> > >
> > > Sincerely,
> > > Scott
> > >
> > > [EMAIL PROTECTED]
> > > www.scottsmarineservices.com
> > > www.boat-parts.net
> > > www.boatparts.us
> > > www.LaWirelessWeb.com
> > >
> > > Scotts Marine Services
> > > 4105 Lincoln ave.
> > > Culver City, California 90232
> > > Phone & Fax 310-559-5353
> > >
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Geoff Shively [mailto:[EMAIL PROTECTED]
> > > Sent: Friday, August 15, 2003 6:12 PM
> > > To: [EMAIL PROTECTED]
> > > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > > Subject: Re: [SOCALWUG] Power outages related to DCOM Worm, WiFi
> > > accessible?
> > >
> > > Jack,
> > >
> > > Before reading any of your own text, you may want
> > > to view this PBS documentary. It is only 10 minutes long
> > > and even if you aren't a PBS fan it has good data and support
> > > everything I am saying.
> > >
> > > http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/view/
> > >
> > > I would hope most review presented data before forming an
> > > argument against it.
> > >
> > > > But your logic is so well...
> > > > it's so uh... uh...
> > > > it's uh... it's so lacking, dude.
> > >
> > > My logic or my data, or both? Please clarify.
> > >
> > > > Are you asking the question or making an assertion?
> > > > The answer is no, in most cases, they're not WiFi accessible.
> > >
> > > I was attempting to keep the subject short and concise.
> > >
> > > > Some have said, huh. Who are these authoritative folks?
> > >
> > > If they were as authoritative as your argument precedes,
> > > then I wouldn't have bothered asking the list about WiFi.
> > >
> > > Bernie, CTA [mailto:[EMAIL PROTECTED] had some good data
> > > from his days working with these systems, if you would like
> > > to contact him feel free. I have CC'd Bernie on this thread.
> > >
> > > Attached is the original email to the full-disclosure list.
> > >
> > > > Lots of talk, eh?? Gosh, I guess that makes it true, No?
> > >
> > > No but at the very least I have some data backing my logic,
> > > I see nothing but cynical comments and lacking data to support
> > > your theory that mine is false. Present some and then we can
> > > talk in what I hope is a tactful fashion.
> > >
> > > > The changes that you assert "could" have taken place?
> > >
> > > I would love to see one bit of evidence that isn't speculative
> > > at this point. Yes, this could have taken place, and to present
> > > it I used research data to form my verbiage. Is this not how
> > > you come about finding an answer?
> > >
> > > > "Very well penetrate" - what a convincing argument.
> > >
> > > In security, do we not asses risk and mitigate it as necessary?
> > > well before we can mitigate the risk here we have to present
> > > the case for how probable it is to get into one of these systems.
> > >
> > > > Thanks for your expert analysis and opinion, oops, you're not really
> > > > an expert are you?
> > >
> > > I don't claim to be and never have. This does not take a power expert
> > > to understand. Example, most know how a car works, but could they
> > > ever build one, no. I am simply putting pieces of a puzzle together
> > > based on experts I do speak with, as the members of our national
> > > media are not practicing responsible reporting, and listening to
> > > uneducated guesses about the system's architecture.
> > >
> > > > Oh, the industry may be pretty well prepared, Geoff. They may in fact
> > > > have created the problem themselves to get the government
> > > > (Oopps... I mean the taxpayers) to give them 50 or 60 billion dollars
> > > > to "upgrade" the grid (continuing to artificially reduce the supply of
> > > power and
> > > > then trade power at inflated rates at a huge profit) and make it
> > > easier
> > > for them
> > > > to rip off the nation like they have already ripped-off California. Oh
> > > my
> > > God,
> > > > maybe now I'm the crackpot who's gone "over the edge". Well, at least
> > > that
> > > will
> > > > lend YOU some credibility and make your marketing efforts
> > > > suddenly look legitimate. Don't say I never gave you anything!
> > >
> > > I have not made one reference to assumed information as I said before my
> > > information is based upon facts.
> > >
> > > Please, do describe what you mean by this marketing?
> > >
> > > > "could be"
> > >
> > > Could be anything, but facts will lead us to an answer. It really is
> > > that
> > > simple.
> > >
> > > > Holy crap!!! With a pile of documents as high as the sky,
> > > > how can you possibly be wrong?
> > >
> > > Facts are facts, I don't know what else to say. I could be wrong, and
> > > that
> > > is
> > > my biggest asset. I don't assert that this is definitely what happened.
> > >
> > > With that said, I would have preferred that such a tactless and cynical
> > > reply
> > > to what was intending as an informative and inquisitive post be handled
> > > off
> > > of the list. Oh well, live and learn.
> > >
> > > Cheers,
> > >
> > > Geoff Shively, CHO
> > > PivX Solutions, LLC
> > >
> > > Are You Secure?
> > > http://www.pivx.com
> > >
> > > ----- Original Message -----
> > > From: "Jack Unger" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Friday, August 15, 2003 5:04 PM
> > > Subject: Re: [SOCALWUG] Power outages related to DCOM Worm, WiFi
> > > accessible?
> > >
> > > > Nice marketing piece, Geoff...
> > > >
> > > > Hey - don't take this personally - I have no arguement
> > > > with you. But your logic is so well...
> > > > it's so uh... uh...
> > > > it's uh... it's so lacking, dude.
> > > >
> > > > Geoff Shively wrote:
> > > >
> > > > > Power outages related to DCOM Worm, are SCADA and DCS WiFi
> > > Accessible?
> > > >
> > > > Are you asking the question or making an assertion?
> > > > The answer is no, in most cases, they're not WiFi accessible.
> > > >
> > > > > Some
> > > > > have said that they are accessible via WiFi and a potential attacker
> > > could
> > > > > break protection mechanisms thus gaining access to control and
> > > acquired
> > > > > data.
> > > >
> > > > Some have said, huh. Who are these authoritative folks?
> > > >
> > > > > Is there any truth to this, any SCADA, DCS, or HMI experts on the
> > > > > list?
> > > >
> > > > Probably not. This is a wireless list.
> > > >
> > > > >
> > > > > Furthermore, there has been allot of talk on bugtraq, full
> > > disclosure,
> > > and
> > > > > dsheild about the latest American power crisis being caused by
> > > malicious
> > > > > computer activities or worm.
> > > >
> > > > Lots of talk, eh?? Gosh, I guess that makes it true, No?
> > > >
> > > > >
> > > > > A bit of background on the systems that control power facilities.
> > > > > Distributed control systems (DCS) and supervisory control and data
> > > > > acquisition (SCADA) systems are the key elements of facility
> > > control.
> > > remote
> > > > > terminal units "RTU". SCADA runs under Win2000 / XP and the
> > > telemetry
> > > to
> > > > > the RTU is accessible via the Internet.
> > > >
> > > > So these control systems are Internet accessible, huh? Got any
> > > convincing
> > > > proof of that?
> > > >
> > > > >
> > > > > SCADA (Supervisory Control And Data Acquisition) and DCS
> > > (Distributed
> > > > > Control Systems) are highly vulnerable to attack.
> > > >
> > > > Oh really, can't you be more specific? But wait, your just throwing a
> > > bunch of
> > > > acronyms around, huh? No real facts there...
> > > >
> > > > > An attacker could very
> > > > > well penetrate these systems to make changes or implement simple
> > > scripts
> > > to
> > > > > cause a legitimate operator to make unnecessary changes to a large
> > > scale
> > > > > power grid.
> > > >
> > > > "Very well penetrate" - what a convincing argument.
> > > >
> > > > > These changes could result in massive failure causing an
> > > > > international power crisis.
> > > >
> > > > The changes that you assert "could" have taken place?
> > > >
> > > > >
> > > > > Be it from a worm or home grown hack, these latest power failures
> > > were
> > > > > unlikely to have been caused by a physical failure that would have
> > > surfaced
> > > > > by now.
> > > >
> > > > Thanks for your expert analysis and opinion, oops, you're not really
> > > > an expert are you?
> > > >
> > > > > Power failures from the years past have brought about legislation
> > > > > and system changes that deal with most large scale issues as they
> > > arise
> > > to
> > > > > mitigate risk of large scale failure, whatever happened this time
> > > was a
> > > new
> > > > > problem the industry was not prepared for.
> > > >
> > > > Oh, the industry may be pretty well prepared, Geoff. They may in fact
> > > > have created the problem themselves to get the government
> > > > (Oopps... I mean the taxpayers) to give them 50 or 60 billion dollars
> > > > to "upgrade" the grid (continuing to artificially reduce the supply of
> > > power and
> > > > then trade power at inflated rates at a huge profit) and make it
> > > easier
> > > for them
> > > > to rip off the nation like they have already ripped-off California. Oh
> > > my
> > > God,
> > > > maybe now I'm the crackpot who's gone "over the edge". Well, at least
> > > that
> > > will
> > > > lend YOU some credibility and make your marketing efforts
> > > > suddenly look legitimate. Don't say I never gave you anything!
> > > >
> > > > >
> > > > > We know that SCADA and DCS systems are supplied by one of 5 major
> > > vendors
> > > > > and these system are advertised on the vendors websites to run
> > > Microsoft
> > > > > Windows versions 95, 2000 and NT. Also advertised is DCOM and RPC
> > > support
> > > > > within these systems, RPC/DCOM recently became famous as the
> > > Lovsan/Blaster
> > > > > worm exploited this protocol to spread across the internet. With
> > > this
> > > said
> > > > > it is likely
> > > >
> > > > It's very truly "likely", Geoff - because you said that it's
> > > likely....
> > > > that makes it true, No?
> > > >
> > > > > that an infected system infected a SCADA or DCS, and could be
> > > >
> > > > "could be"
> > > >
> > > > >
> > > > > why we are seeing large scale outages across the country. This is
> > > not a
> > > > > Microsoft problem as many would like to say, though it is a problem
> > > with
> > > > > patch management.
> > > > >
> > > > > Below is documentation on the problem, the first one sums up the
> > > problem
> > > > > nicely (DCOM
> > > > > and SCADA white papers):
> > > >
> > > > Holy crap!!! With a pile of documents as high as the sky,
> > > > how can you possibly be wrong?
> > > >
> > > > >
> > > > > http://www.automationtechies.com/sitepages/pid641.php
> > > > >
> > > > > http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/view/
> > > > >
> > > > > http://www.scada-system.com/scada-software-windows.htm
> > > > >
> > > > > http://www.data-acquisition-software.com/index.htm
> > > > >
> > > > > Cheers,
> > > >
> > > > Cheers, Geoff.... and thank you again for such a well-planted
> > > > marketing piece - opps I mean such an accurate, informative,
> > > > scientific and enlightening post. I'll look forward to your next
> > > > post where you'll tell us how to use WiFi to take over control
> > > > of cruise missiles.
> > > > jack
> > > >
> > > > > Geoff Shively, CHO
> > > > > PivX Solutions, LLC
> > > > >
> > > > > Are You Secure?
> > > > > http://www.pivx.com
> > > >
--
Jack Unger - President, Wireless InfoNet Inc.
Author of the WISP Handbook - "Deploying License-Free Wireless WANs"
http://www.ask-wi.com/book.html
True Vendor-Neutral WISP Training-Troubleshooting-Consulting
http://www.ask-wi.com/services.html
Email: [EMAIL PROTECTED] Phone: (818)227-4220
