[R-390] off topic interesting read
Cecil Acuff
chacuff at cableone.net
Wed Apr 8 19:08:18 EDT 2009
You are correct many different industries use the same technology to get
their data from point "A" to point "B" but it's just a pipe. What you put
into that pipe is what makes your system more or less secure. Sure brute
force access denial is possible for licensed systems but would require close
proximity to the site you want to jam. On spread spectrum systems it would
be a bit more complex as well. In the electric utility world access denial
would do nothing but stop the reception of readings of load and status...not
cause the device to stop doing what it was designed to do...such as in a
substation. To open a breaker in that sub via breaking into the RF data is
a complex thing to do with many fail safe controls in the software and
hardware and would be easier to cut the lock on the fence and break into the
switch house and manually operate the control...
All of which would have limited effect...
Cecil...
----- Original Message -----
From: "William J. Neill" <wjneill at consolidated.net>
To: <odyslim at comcast.net>; <r-390 at mailman.qth.net>; "milcom"
<milcom at mailman.qth.net>; "Comm- Center1" <CommCenter-1 at yahoogroups.com>
Sent: Wednesday, April 08, 2009 5:37 PM
Subject: Re: [R-390] off topic interesting read
Scott:
There's far, far more to this than readily meets the eye.
The same RF control system, SCADA (check it out on Google), used by
the electrical transmission and distribution companies is also used
throughout the world by petroleum and natural gas pipelines, US water
and sewage operators, railroads for signal controls, municipal
traffic signal controls, government and industrial security systems,
and just about anything else you can imagine using cellular and
wireless-based comms for linkages.
This is very bad shit and the probing (from both China AND Eastern
Europe) has been going on for at least five years.
Here are a few Web sites (with links) that you probably won't find on
a casual basis that will give you more information:
http://www.w2cog.org/
http://www.thedarkvisitor.com/
http://www.us-cert.gov/cas/alldocs.html
http://www.fbi.gov/cyberinvest/cyberhome.htm
There are many other sites but they are primarily academic in nature,
focusing on combinations of terrorism and technologies.
Best wishes,
Bill Neill
Conroe, Texas
On Apr 8, 2009, at 5:11 PM, odyslim at comcast.net wrote:
Hi Bill, This could be really scary. Thanks for filling us all in.
Regards, Scott
----- Original Message -----
From: William J. Neill <wjneill at consolidated.net>
To: odyslim at comcast.net
Cc: milcom <milcom at mailman.qth.net>, r390 list <r-390 at mailman.qth.net>
Sent: Wed, 8 Apr 2009 19:36:23 +0000 (UTC)
Subject: Re: [R-390] off topic interesting read
The subject has attracted attn from DoD and DHS and herewith are a
sampling of comments from this morning's postings on a DoD INTEL
netserver:
We have known about China and Russia’s exploits on the NIPR front.
This article is interesting in the fact that critical infrastructure
systems were penetrated and malware was left behind.
Does anyone have an UNCLASS damage assessment?
http://online.wsj.com/article/SB123914805204099085.html
On Apr 8, 2009, at 9:54 AM, Villano, Paul Mr CIV USA TRADOC wrote:
I found the CBS version of the story
http://www.cbsnews.com/stories/2009/04/08/national/main4928223.shtml
interesting because a former HLS employee mentions there were "a lot"
of intrusions last year. I wonder what the reason for his "former"
status is.
On Apr 8, 2009, at 8:51 AM, Raines, James B Jr WO1 RES USAR USARC wrote:
> We have known about China and Russia’s exploits on the NIPR front.
> This article is interesting
> in the fact that critical infrastructure systems were penetrated
> and malware was left behind.
>
> Does anyone have an UNCLAS damage assessment?
You may be interested in the Task Force on Electric Grid
Vulnerability (EGV), which maintains a host of unclassified and FOUO
materials on Intelink-U:
http://www.intelink.gov/wiki/Electric_Grid_Vulnerability
Membership and POCs available here:
http://www.intelink.gov/wiki/Electric_Grid_Vulnerability/Membership
You may wish to contact the Task Force for additional information on
the recent media coverage.
One important consideration is that the presence of malware on such
systems does not always imply intentional penetration; often, the
presence of malware on secure systems is the result of improper use,
poor user education, or other deficient local security practices. Web
and email vectors are common.
That said, the presence of this type of malware, much of which is
designed to communicate with an external control server for
instructions, is undesirable even if not the result of a concerted or
targeted effort. Once in place, networks of individuals interested in
more malicious activities than sending spam or bringing down a web
site would have a considerable base of systems from which to pick, in
all manner of sensitive areas.
- Dave
Bill Neill
Conroe, Texas
On Apr 8, 2009, at 11:47 AM, odyslim at comcast.net wrote:
I know this is off topic but worth reading. Individuals have been caught
trying to map out our power grids.
http://www.comcast.net/articles/news-general/20090408/NEWS-US-CYBERATTACK-USA/
Regards, Scott