Major Cyber Attack on SIS Systems–and we told you so!

Insiderlogo3The late Bob Adamski didn’t live to see his prediction from the early 2000s come true, but it has. Here are some of the reports:

From FireEye, on 12/14/17:

Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

And on 12/15,

New TRITON ICS Malware is Bold and Important

Bob and I, and Joe Weiss, have been continuously predicting this development since at least 2004. Yet it is now 2017, and the systems are still vulnerable. This is stupid.

Although the attack apparently only accidentally shut down the plant, during a search for operational data, the attack could have easily been used to destroy the plant utterly by spoofing the SIS system and using it to cause extremely unsafe conditions leading to catastrophic accidents.

At some point, somebody has to be willing to recognize how fragile OT systems are, really, and how easily they can be disrupted. It is said that our civilization is three days from anarchy. The late Dr. Jerry Pournelle, inventor of the Star Wars Defense for Ronald Reagan, said we were three weeks from cannibalism if the lights went out and stayed out.

This is seriously dangerous, folks, and I am tired, and Joe Weiss is tired, and Bob Adamski was tired before he died, of being told we are fear-mongering. We aren’t. And now we can prove it.

 

 

 

2 Responses

  1. I never doubted that this was going to happen. The sad details behind this event are that the people involved in their design didn’t understand the risks. The SIS should never have been writable on any network. Even in this sad situation, the attackers wouldn’t have been able to get far if only the SIS PLC hadn’t been left with the key switch in PROGRAM mode.

    Maybe it is unreasonable for operations to understand their control systems. But it seems that even many engineers don’t get it. If they don’t understand the security issue, then what hope can anyone have?

    We need to start teaching this stuff in schools and in continuing education programs for industry before someone gets hurt or killed.

Leave a Reply