SAN FRANCISCO -- Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day.
Ira Winkler, a penetration-testing consultant, says he and a team of other experts took a day to set up the attack tools they needed, then launched their attack, which paired social engineering with corrupting browsers on a power company's desktops. By the end of a full day of the attack, they had taken over several machines, giving the team the ability to hack into the control network overseeing power production and distribution.
Winkler says he and his team were hired by the power company, which he would not name, to test the security of its network and the power grid it oversees. He would not say when the test was done, but referred to the timeframe as "now." The company called off the test after the team took over the machines.
"We had to shut down within hours," Winkler says, "because it was working too well. We more than proved that they were royally screwed." In addition to consulting, Winkler is author of the books Spies Among Us and Zen and the Art of Information Security.
The problem is pervasive across the power industry, he says, because of how power company networks evolved. Initially their supervisory control and data acquisition (SCADA) networks were built as closed systems, but over time intranets and Internet access have been added to the SCADA networks. Individual desktops have Internet access and access to business servers as well as the SCADA network, making the control systems subject to Internet threats. "These networks aren't enclosed anymore. They've been open for more than a decade," Winkler says.
The penetration team started by tapping into distribution lists for SCADA user groups, where they harvested the e-mail addresses of people who worked for the target power company. They sent the workers an e-mail about a plan to cut their benefits and included a link to a Web site where they could find out more.
When employees clicked on the link, they were directed to a Web server set up by Winkler and his team. The employees' machines displayed an error message, but the server downloaded malware that enabled the team to take command of the machines. "Then we had full system control," Winkler says. "It was effective within minutes."
Comments (33)
the day................. (By Anonymous on April 15, 2009, 6:52 pm)
the lights go out in America- Will be the day the people wake up
securing power grid (By Anonymous on April 11, 2009, 4:52 pm)
well obviously it is easy to hack now only for one reason it has been networked before the power grids were run off closed circuits now we're online which make it...
Securing Power Grids With CoreTrace Bouncer (By Anonymous on January 27, 2009, 9:38 am)
Every day more and more Utility Companies are turning to Application Whitelisting because of the failures of signature-based security products like anti-virus and...
Who needs power grids (By Anonymous on June 12, 2008, 4:10 pm)
Why don't you do that. Have everybody that believes that also do it and that way they wouldn't need to build any more grids. There are lots of places in Indonesia...