Power plants. Water treatment facilities. Hospitals. Forensic labs. Rail and road traffic control systems. Flood control systems. Wind farms. Automatic door openers. Building energy management systems.
What do all these types of devices have in common? They, and many other devices are all controlled by electronic controllers – no surprise there. But the dismaying thing is that the electronic controllers are connected to the internet.
If you know the system’s IP address, the port it communicates on, and the communication protocol it uses, you can access the device. Maybe it has a simple password block on it, and maybe it doesn’t – in some cases, these devices are totally open and unprotected.
But – you might think – finding these devices would be like finding a needle in a haystack. With all the gazillions of devices on the internet, how could anyone find vulnerable industrial control systems?
The answer is sadly readily at hand – you use a computer to find a computer. You can use search programs out there that will patiently scour the internet, one internet address after the other, slowly working through every possible combination of addresses and ports, until it finds potentially vulnerable systems.
Indeed, it is so easy that anyone can do it – go visit this website which offers a public service to search for such vulnerable devices. Pay them $19 and get special unrestricted access if you really want to have a good search.
What if terrorists could override or reprogram these industrial controllers – to make wind turbines race over speed and fly apart, to make power stations melt down, to make hospital power supplies fail, to alternate traffic lights between gridlock causing all lights red and accident causing all lights green. To have burglar and fire alarms go off in succession, all around the cities, so that exhausted police and firemen end up forced to ignore all emergency calls – always assuming they could get there with the traffic signal chaos that would also be underway. Actually, why limit oneself to road traffic signals – why not mess up with train switching and signalling too – get an express passenger train hurtling towards a freight train carrying thousands of tons of deadly chemicals or inflammable fuels and have them collide in a central city area – far from impossible as this article points out.
Cause industrial refrigerators to fail and bulk stocks of food to spoil, to cause buildings to go crazy hot or freezing cold, to flood entire counties or even countries (ie The Netherlands), and so on and so on and so on.
All of a sudden, our transportation gets gridlocked. Our power grid goes down, plus many power stations get destroyed. And so on – be imaginative. Maybe destroy the pumps in a water pumping station, like it is alleged Russian hackers did in IL late last year.
One researcher recently reported that in the last few years, his count of known internet connected and vulnerable devices has increased from 7,500 to 40,000 units. Who knows how many the actual true total count may be.
This is not a war we’re winning – it is a war we’re setting ourselves up to spectacularly and suddenly lose. Here’s a sanitized recent BBC Radio report on the matter that doesn’t go nearly far enough in terms of exploring the vulnerabilities caused by these online systems.
Our biggest vulnerability isn’t merely from bored teenage hackers. It is from unfriendly countries and government sponsored hacking attacks. Here’s a recent example of the Chinese getting restless and testing our satellites for vulnerabilities – and finding them, too.
Update, a Week Later : When we wrote this, we were reporting on an article that indicated how 40,000 computer control systems have been found, accessible via the internet. That’s – for sure – a lot. But less than a week later, a new story has come out, that discloses the existence of another 11+ million connected computer controllers, and with known security vulnerabilities. Oooops! Click the link in the preceding sentence for more on this.