NOTA BENE

Notes, comment and buzz from Eugene Kaspersky – Official Blog

April 1, 2013

Securing Mother-SCADA.

Hi all!

We’re always assessing the state of the world of computers by prodding it with various hi-tech instruments in different places, taking measurements from different Internet sensors, and studying “information noise”. From the information we glean from all this, plus data from other sources, we constantly evaluate the overall body temperature and blood pressure of the computer world, and carefully monitor the main risk areas. And what we’re seeing at the mo – that’s what I’ll tell you about in this post.

To many, it seems that the most diseased elements of the digital world are home computers, tablets, cellphones and corporate networks – that is, the computer world that most folks know about – be it of a work or home/consumer coloring. But they’d be wrong. Despite the fact that the majority of cyberattacks occur in “traditional” cyberspace (cyberespionage, cybercrime, etc.), they don’t represent the main threat. In actual fact, what should be feared most of all are computer attacks on telecommunications (Internet, mobile networks) and ICS (automated Industrial Control Systems).

One particular investigation of ours, conducted as part of our ongoing secure OS project, detected a seriously low level of “computer immunity” for control systems of critically important infrastructure. ICS, including SCADA, all of which is made up of software and computerized hardware, is responsible for controlling – and the smooth, uninterrupted running of – tech-processes in practically every sector of industry, be it the power industry, transportation, the mass media, and so on. Computer systems control critical aspects of all modern cars, airplanes and trains; every power station and waterworks, every factory, and even every modern office building (lifts, electricity and water supply, emergency systems like smoke alarms and sprinklers, air conditioning, etc.). SCADA and other ICS – it’s all imperceptible, working in the background in some corner or other nobody takes any notice of… but a whole lot around us depends on it.

Alas, as with any other computer systems, SCADA & Co. can be exposed to malware and hacker attacks, as was clearly demonstrated by the Stuxnet worm in 2010. Therefore, protection of critically important systems has become one of the main strategic priorities of computer security in most developed countries of the world, while in response to cyberattacks on critical infrastructure some countries are ready to go to war – real tanks-and-bombs war (if they can find out which country is responsible). So indeed, the situation’s sure hotting up.

Of course, we’re on the case with SCADA security, and have been for a while. Over the last several years we’ve been conducting detailed analysis of ICS, been establishing the fundamental principles of SCADA security, and also developing a prototype solution for guaranteed SCADA protection from malware threats – based on traditional endpoint security and our secure OS. Products fit for consumption aren’t ready just yet, but active work is currently underway – so they should be soon…

Now, while continuing our usual analysis of SCADA security, earlier today we stumbled upon one heck of a big surprise: we came across “Mother-SCADA”, the chief, predominant, all-powerful ICS of the whole world, on whose smooth and uninterrupted operation relies literally everything on the planet: from how breakfast tastes and the size of annual bonuses, to the hours of night and day time and how fast the sun and the stars move across the skies.

Yep, we’ve gone and found the SCADA that manages all the technological processes in the Matrix!

Mother SCADA admin panel

You’ve probably all heard about the progressive work of the American scientists the Wachowskis, which confirms that the terrestrial earth (as it is seen by us humans) is a projected, virtual world of a real world. Technically, this projection is made possible using the industrial complex of the Matrix. And so our uncovering Mother-SCADA – the chief behind-the-scenes enabler of the Matrix – is no less than phenomenal. It represents a lot more than the customary showcasing of our cybermastery, and it’s not the next all-new cyber-frightener we’ve uncovered. No. This, clearly and very loudly represents our taking a giant step leap forward and upward on behalf of both man and mankind to a new paradigm of cybertechnology, changing our very perception of reality as we know it.

Of course, since this morning’s discovery, protecting Matrix SCADA is now the single most important task facing us all today, since control of the “upper level of reality” has the trickle-down effect of ensuring computer security in our projected world. Today, we managed only to plug into Mother-SCADA and conduct preliminary analysis of the system. Critical vulnerabilities so far haven’t been found, but the architecture of the system doesn’t permit a 100% guarantee of its security, even though it’s built on an unknown branch of UNIX. We also attempted analysis of the security of its PLC (programmable logic controllers); however, alas, we weren’t able to determine the manufacturer.

Without question a lot of work lies ahead; investigating Mother-SCADA has only just begun; but there’s also some good news: the data we already have are sufficient for the projection of extra systems of its security. Therefore (drum roll … cymbal crash!), I hereby formally (in a not-so formal blog post) announce today the start of development of a security solution for the omniscient, omnipotent, mother of all SCADAs – Mother-SCADA. I also would like to call on the world’s top experts to come and work with us – to help design and implement the required Mother-SCADA security and the secure operating systems it relies upon. Welcome!

That’s all on Matrix SCADA for now. Expect more earth-shattering news later today!…

comments 2 Leave a note

Tyler Durden

Neo and Trinity are very happy:)

0
Reply to conversation

Boris Zhdanov

Здорово придумано!

0
Reply to conversation
Trackbacks 1

Securing Mother-SCADA « adafruit industries blog

Leave a note
July 28, 2015

Iceland: Niceland.

I’d long dreamed of one day getting to the very volcanic island of Iceland for a spot of sightseeing, trekking and leisurely driving. I’d heard great things from friends and colleagues, seen some awesome pics of the scenery there, and heard some of the island’s music, but only recently did I finally find myself spending […]

July 24, 2015

Your car controlled remotely by hackers: it’s arrived.

Every now and again (once every several years or so), a high-profile unpleasantness occurs in the cyberworld – some unexpected new maliciousness that fairly bowls the world over. For most ‘civilians’ it’s just the latest in a constant stream of seemingly inevitable troublesome cyber-surprises. As for my colleagues and me, we normally nod, wink, grimace, […]

July 23, 2015

The tiniest biggest country in the world.

Hi folks! This here post is the last in my mini-series from St. Petersburg. It continues the ‘places to visit‘ theme, but with a difference; for the place it describes resembles a museum, but it isn’t a museum really, I think. Or maybe it is. It claims to be one… Hmmm, whatever it is, it’s […]

July 21, 2015

Railroad feats in St. Pete.

There are different kinds of museums. There are real museums (in the classic understanding of the word), there are expositions, exhibitions, installations… What other words are there for describing such events? Graffiti! Btw, good quality graffiti done in good taste – is it an exposition or installation or hooliganism? The latter I cross out since […]

July 20, 2015

St. Pete from above.

Hi all! To get high up and look down and around, say, from up a mountain… it’s always cool and beautiful. But to fly up above for panoramic views of below – it’s even better. And best of all when it comes to flying for sightseeing purposes is the helicopter. Best of all when it […]

July 17, 2015

Tricky St. Pete.

St. Petersburg in summer, especially June and July – it’s… tricky. You’ve probably already heard that there’s hardly any nighttime at all in summer, as, well, the sun – well up the northern hemisphere this time of year, just pops over the horizon for a few measly hours, before it ‘rises’ again in the wee […]

More