NOTA BENE

Notes, comment and buzz from Eugene Kaspersky – Official Blog

April 1, 2013

Securing Mother-SCADA.

Hi all!

We’re always assessing the state of the world of computers by prodding it with various hi-tech instruments in different places, taking measurements from different Internet sensors, and studying “information noise”. From the information we glean from all this, plus data from other sources, we constantly evaluate the overall body temperature and blood pressure of the computer world, and carefully monitor the main risk areas. And what we’re seeing at the mo – that’s what I’ll tell you about in this post.

To many, it seems that the most diseased elements of the digital world are home computers, tablets, cellphones and corporate networks – that is, the computer world that most folks know about – be it of a work or home/consumer coloring. But they’d be wrong. Despite the fact that the majority of cyberattacks occur in “traditional” cyberspace (cyberespionage, cybercrime, etc.), they don’t represent the main threat. In actual fact, what should be feared most of all are computer attacks on telecommunications (Internet, mobile networks) and ICS (automated Industrial Control Systems).

One particular investigation of ours, conducted as part of our ongoing secure OS project, detected a seriously low level of “computer immunity” for control systems of critically important infrastructure. ICS, including SCADA, all of which is made up of software and computerized hardware, is responsible for controlling – and the smooth, uninterrupted running of – tech-processes in practically every sector of industry, be it the power industry, transportation, the mass media, and so on. Computer systems control critical aspects of all modern cars, airplanes and trains; every power station and waterworks, every factory, and even every modern office building (lifts, electricity and water supply, emergency systems like smoke alarms and sprinklers, air conditioning, etc.). SCADA and other ICS – it’s all imperceptible, working in the background in some corner or other nobody takes any notice of… but a whole lot around us depends on it.

Alas, as with any other computer systems, SCADA & Co. can be exposed to malware and hacker attacks, as was clearly demonstrated by the Stuxnet worm in 2010. Therefore, protection of critically important systems has become one of the main strategic priorities of computer security in most developed countries of the world, while in response to cyberattacks on critical infrastructure some countries are ready to go to war – real tanks-and-bombs war (if they can find out which country is responsible). So indeed, the situation’s sure hotting up.

Of course, we’re on the case with SCADA security, and have been for a while. Over the last several years we’ve been conducting detailed analysis of ICS, been establishing the fundamental principles of SCADA security, and also developing a prototype solution for guaranteed SCADA protection from malware threats – based on traditional endpoint security and our secure OS. Products fit for consumption aren’t ready just yet, but active work is currently underway – so they should be soon…

Now, while continuing our usual analysis of SCADA security, earlier today we stumbled upon one heck of a big surprise: we came across “Mother-SCADA”, the chief, predominant, all-powerful ICS of the whole world, on whose smooth and uninterrupted operation relies literally everything on the planet: from how breakfast tastes and the size of annual bonuses, to the hours of night and day time and how fast the sun and the stars move across the skies.

Yep, we’ve gone and found the SCADA that manages all the technological processes in the Matrix!

Mother SCADA admin panel

You’ve probably all heard about the progressive work of the American scientists the Wachowskis, which confirms that the terrestrial earth (as it is seen by us humans) is a projected, virtual world of a real world. Technically, this projection is made possible using the industrial complex of the Matrix. And so our uncovering Mother-SCADA – the chief behind-the-scenes enabler of the Matrix – is no less than phenomenal. It represents a lot more than the customary showcasing of our cybermastery, and it’s not the next all-new cyber-frightener we’ve uncovered. No. This, clearly and very loudly represents our taking a giant step leap forward and upward on behalf of both man and mankind to a new paradigm of cybertechnology, changing our very perception of reality as we know it.

Of course, since this morning’s discovery, protecting Matrix SCADA is now the single most important task facing us all today, since control of the “upper level of reality” has the trickle-down effect of ensuring computer security in our projected world. Today, we managed only to plug into Mother-SCADA and conduct preliminary analysis of the system. Critical vulnerabilities so far haven’t been found, but the architecture of the system doesn’t permit a 100% guarantee of its security, even though it’s built on an unknown branch of UNIX. We also attempted analysis of the security of its PLC (programmable logic controllers); however, alas, we weren’t able to determine the manufacturer.

Without question a lot of work lies ahead; investigating Mother-SCADA has only just begun; but there’s also some good news: the data we already have are sufficient for the projection of extra systems of its security. Therefore (drum roll … cymbal crash!), I hereby formally (in a not-so formal blog post) announce today the start of development of a security solution for the omniscient, omnipotent, mother of all SCADAs – Mother-SCADA. I also would like to call on the world’s top experts to come and work with us – to help design and implement the required Mother-SCADA security and the secure operating systems it relies upon. Welcome!

That’s all on Matrix SCADA for now. Expect more earth-shattering news later today!…

comments 2 Leave a note

Tyler Durden

Neo and Trinity are very happy:)

0
Reply to conversation

Boris Zhdanov

Здорово придумано!

0
Reply to conversation
Trackbacks 1

Securing Mother-SCADA « adafruit industries blog

Leave a note
April 24, 2015

Singapore through the eyes of a first-timer.

Hi all! D.Z. – this is one of most distinguished and respected KLers, with us since last century (taking a brief creative break in the mid-2000s). D.Z. has also been my fellow traveler a d.z.illion times to… oh, practically everywhere on this planet – but surprisingly not to Singapore. He always takes with him a trusty […]

April 21, 2015

INTERNET-INTERPOL-2015.

I first used the term ‘Internet-INTERPOL’ somewhere around the start of the 2000s. The first time I got round to writing it down was in 2003. This year – 2015 – some 12 years later, finally, what I’ve been talking about, pushing for, advocating, promoting all these years is here: An INTERPOL division dedicated exclusively […]

April 17, 2015

On a plane to Singapore: the kino – very poor.

Hi all! Continuing a fave theme of mine here. No, not volcanoes; no, not cliffs; and no, not banya. Instead: planes, aeroplanes and airplanes… Recently we flew on an Internetted Singapore Airlines Boeing 777 to Changi. And the experience was… mixed.

April 1, 2015

Internet on a jet.

Back on the road again… Rather – up in the air. So I continue one of my fave, recurring themes – flying and planes and all that. 2015 kicked off with some serious avia action for me: I’m already on my 30th flight, having been up in the skies 130+ hours. Not that I’m complaining – […]

March 31, 2015

A hotel on the banks of the Colorado. Woh!

There are a great many beautiful and unusual towns and cities in the world, there are volcanoes, there are valleys and canyons, and islands and lakes. There are also of course rivers: loads of them – all different. There are the grandiose, like the super-wide Amazon with its adjacent jungles, anacondas, piranhas, crocodiles and other […]

March 28, 2015

Hold on tight! In an off-road vehicle – off-road in Utah.

A few words about the vehicle that transported us about in Utah. And let’s not forget the super chauffeur… Here she is, a classic of the genre, giving the Land Rover Defender a run for its money: the Toyota Land Cruiser. Quite an old one at that. Only demonstrates the ruggedness of this remarkable 4×4: […]

More