Showing posts with label infowar. Show all posts

Sunday, December 04, 2011

Understanding Network Threat to Industrial Infrastructures

SCADA (supervisory control and data acquisition) generally refers to industrial control systems (ICS): computer systems that monitor and control industrial, infrastructure, or facility-based processes, as described below:
Industrial processes include those of manufacturing, production, power generation, fabrication, and refining, and may run in continuous, batch, repetitive, or discrete modes.
Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defense siren systems, and large communication systems.
Facility processes occur both in public facilities and private ones, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption. _Wikipedia SCADA

SCADA YouTube Tutorial

SCADA systems control large sections of modern industrial infrastructures, and are often connected to the public internet. This makes them susceptible to hackers, some of whom would like nothing better than to hold a city or a corporation hostage via its water or power supply, etc. Even worse, in case of international hostilities, a foreign power may threaten an opponent's vital infrastructure as a routine part of negotiations over trade treaties, economic pacts, or cooperation agreements.
A SCADA sends instructions to shopfloor machines like pumps, valves, robot arms and motors. But such systems have moved from communicating over closed networks to a far cheaper conduit: the public internet. This can give hackers a way in. Eric Luiijf of TNO Defence and his colleagues found a litany of insecure "architectural errors" in the waterworks' SCADA networks (International Journal of Critical Infrastructure Protection, DOI: 10.1016/j.ijcip.2011.08.002).

Some firms did not separate their office and SCADA networks, allowing office hardware failures, virus infections and even high data traffic to potentially "bring down all SCADA operations". While remote internet access to SCADAs is supposed to be possible only with strict security controls, the researchers found this was often not the case. And some water firms allowed third party contract engineers to connect laptops to their SCADA network with no proof they were running up-to-date antivirus software.

This was compounded by news of the hack at the Texas water plant, where on 20 November a hacker named "prof" gained access to the plant's systems using a three-character default password on an internet-accessed SCADA made by Siemens of Germany. "No damage was done to any machinery; I don't really like mindless vandalism. It's stupid and silly. On the other hand, so is connecting your SCADA machinery to the internet," he wrote on the Pastebin website.

One of PRECYSE's main approaches to securing systems will be "whitelisting", a way of ensuring only authorised users obtain access. This is the opposite of the approach used by antivirus software. "Instead of hunting for malicious code, as in an antivirus blacklist, this only lets the known good guys connect," says security engineer Sakir Sezer at Queens University Belfast in the UK. Unusual behaviour - such as attempting to extract the control codes used to drive equipment - would also mean access is blocked. Deep-packet inspection, normally used to spot copyrighted material on the net, could be harnessed to ensure no attack code is injected.

But it won't be easy. "The biggest risk we face is that of denying the legitimate user access to their SCADA because something in the security setup has changed," says Sezer. "You don't want to create a denial of service attack against yourself."

The systems have other enemies, too. The Stuxnet worm, which attacked Siemens SCADAs in Iran's uranium-enrichment facility in Natanz, wrecked 400 machines. Duqu, a relative of Stuxnet spread in Word files, is currently probing SCADA networks seeking out control instructions.

The battle for the safety of our utilities has only just begun. _NewScientist
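
The difference between antivirus-style blacklisting and the whitelisting described in the excerpt above, including the risk Sezer raises of locking out a legitimate user, shows up clearly when both models judge the same requests. This is an added example, not code from the article or from PRECYSE; every user, address and action name in it is constructed.

```python
from dataclasses import dataclass

# Every user, address and action name here is constructed for illustration.
@dataclass(frozen=True)
class Request:
    user: str
    source: str   # address of the connecting workstation
    action: str   # operation requested from the SCADA gateway

KNOWN_BAD_SOURCES = {"203.0.113.66"}            # blocklist: deny only known bad
ALLOWED = {                                     # allowlist: default deny
    ("operator1", "10.20.0.11"): {"read_status", "set_pump_speed"},
    ("engineer1", "10.20.0.12"): {"read_status"},
}
UNUSUAL_ACTIONS = {"dump_control_logic"}        # blocked for everyone

def blocklist_decision(req):
    return "deny" if req.source in KNOWN_BAD_SOURCES else "allow"

def allowlist_decision(req):
    """Return (decision, reason); anything not explicitly permitted is denied."""
    if req.action in UNUSUAL_ACTIONS:
        return "deny", "unusual_action"
    permitted = ALLOWED.get((req.user, req.source))
    if permitted is None:
        # A known user on an unlisted source may be a stale allowlist entry
        # rather than an intruder: label it so operators can review quickly.
        known_user = any(user == req.user for user, _ in ALLOWED)
        reason = "known_user_new_source" if known_user else "unknown_client"
        return "deny", reason
    if req.action not in permitted:
        return "deny", "action_not_permitted"
    return "allow", "ok"

SAMPLE = [
    Request("operator1", "10.20.0.11", "set_pump_speed"),      # routine work
    Request("guest", "198.51.100.7", "read_status"),           # never-seen internet client
    Request("operator1", "10.20.0.11", "dump_control_logic"),  # valid user, unusual request
    Request("operator1", "10.20.0.45", "set_pump_speed"),      # workstation replaced, list stale
    Request("guest", "203.0.113.66", "read_status"),           # source already on the blocklist
]

def compare(requests):
    """Pair each request with the verdict of both models."""
    return [(r, blocklist_decision(r), *allowlist_decision(r)) for r in requests]

if __name__ == "__main__":
    for req, bl, al, reason in compare(SAMPLE):
        print(f"{req.user:10} {req.source:13} {req.action:19} blocklist={bl:5} allowlist={al:5} ({reason})")
```

The fourth sample request is the self-inflicted denial of service from the excerpt: the allowlist rejects a legitimate operator because the list was not updated when the workstation changed, which is why the deny reason is kept distinct for review.
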
The stealthier a hacker can be when infiltrating an industrial or civic infrastructure, the more deniable the attack.

Smart industries and cities will begin designing redundant backup systems. They will also look into economical and reliable ways of taking their vital infrastructures off the public networks. Unfortunately, we are entering the age of the Idiocracy, when political correctness, affirmative action, and a faux egalitarianism are all more important than a secure foundation for building a better future.

In other words, hope for the best, but prepare for the worst.

Friday, April 01, 2011

North Korea Completing Devastating EMP Weapon?

The North is believed to be nearing completion of an electromagnetic pulse bomb that, if exploded 25 miles above ground, would cause irreversible damage to electrical and electronic devices such as mobile phones, computers, radio and radar, experts say. _abcnews
Futurescience
A specialised EMP nuclear burst high above the atmosphere could knock out continental-sized power grids. Much of the entire continental US and parts of Canada and Mexico could be temporarily sent to the dark ages with a single EMP-customised nuclear device detonated in orbit.

Given the heavy dependency of modern societies on electric power, it has been estimated that long-term loss of electric power over a wide area could result in loss of up to 90% of pre-event population. Such a high mortality rate could occur due to a combination of long-term basic infrastructure breakdown combined with the inability to bring significant aid into the area from the outside.

Both the US and the USSR conducted experiments to determine the effects of EMP from high altitude nuclear detonations:
A few hours after the sun rose in Kazakhstan on [a] cloudy October morning, the Soviet Union detonated a 300 kiloton thermonuclear warhead in space at an altitude of 290 kilometers (about 180 miles) over a point just west of the city of Zhezkazgan in central Kazakhstan. The test was generally known only as Test 184 (although some Soviet documents refer to it as K-3). It knocked out a major 1000-kilometer (600-mile) underground power line running from Astana (then called Aqmola), the capital city of Kazakhstan, to the city of Almaty. Several fires were reported. In the city of Karagandy, the EMP started a fire in the city's electrical power plant, which was connected to the long underground power line.

The EMP also knocked out a major 570 kilometer long overhead telephone line by inducing currents of 1500 to 3400 amperes in the line. (The line was separated into several sub-lines connected by repeater stations.) There were numerous gas-filled overvoltage protectors and fuses along the telephone line. All of the overvoltage protectors fired, and all of the fuses on the line were blown. The EMP damaged radios at 600 kilometers (360 miles) from the test and knocked out a radar 1000 kilometers (600 miles) from the detonation. Some military diesel generators were also damaged. The repeated damage to diesel generators from the E1 component of the pulse after the series of high-altitude tests was the most surprising aspect of the damage for the Soviet scientists. _FutureScience
And those effects in Kazakhstan resulted from the detonation of a bomb not particularly efficient at producing EMPs. A custom-designed EMP nuke would have done a far more thorough and devastating job of it.

It is not a question of "if," but of "when" and "where" such an attack will occur. If it occurs over a modern nation which has not prepared for it, the loss of life is likely to be severe. In addition, the target nation would temporarily lose its ability to operate effectively, internationally. The widely dispersed nature of the US suggests that that country would maintain significant retaliatory capacity, but the civilian infrastructure would require massive and lengthy re-building. During that time of re-building, it is likely that many millions of people would die from a wide range of causes ultimately traceable to the attack.

Good introductory article on EMP from FutureScience

Wikipedia entry on EMP

Federation of American Scientists article on EMP

EMPact America EMP resource

"One Second After" website for novel based on EMP attack over most of US, and subsequent aftermath

If the damage to the electrical infrastructure from a coordinated EMP attack were widespread enough, restoration of widespread grid power could take years. Over that time period, many large cities would likely revert to barbarism without overwhelming military presence. With hundreds of cities involved, it is unlikely that the US military could preserve order in more than a few.

That is why any hint at development of EMP weapons by North Korea, Iran, Venezuela, etc. must be taken seriously. While it is true that any nation launching an obvious EMP attack against the US would probably be obliterated by retaliation, it is possible to launch a satellite containing an EMP weapon -- but with a different primary use. Such a "sleeper" satellite could orbit for years until it was felt strategically opportune, by its owner, to detonate it. By the time a case could be made against the true culprit, the US (or Europe etc) may no longer be functioning as a viable civilised society.

As you can imagine, preppers and survivalists have taken an interest in the EMP phenomenon, with an emphasis on how to prepare to survive such a widespread disaster. Here is one PDF essay on that topic from Prepper.info

You will need to use your imagination here. What would happen to your neighborhood, community, town, city, etc. if it were to lose power for several months, without significant outside assistance? How long would it take for the stores to run out of food and supplies, or for the fueling stations to run out of fuel? How would you feed yourself and your family, if civil disorder set in -- preventing a cooperative community effort to share resources?

Such weapons may be in orbit overhead, even now, waiting for a designated time to inflict chaos on a targeted continent. What should you do?