Comments on: Super-Sophisticated Computer Virus Apparently Targeted Iran's Power Plants

By: Jennifer Welsh

Jennifer Welsh — Wed, 29 Sep 2010 15:01:45 +0000

Thanks everyone, for reading and leaving your comments. I hope this all works out in the end, but the more I learn about this virus, the more the idea scares me.

Jen

By: Brian Too

Brian Too — Tue, 28 Sep 2010 23:30:12 +0000

It’s been a few years, but if the old methods still hold, Windows is less of a problem in these environments than you’d think. And process control is a pretty conservative business area.

These are SCADA environments. The Windows OS and SCADA application functions as a Command & Control system. However it isn’t what runs the plant on a moment-to-moment basis, the PLC’s do that. The PLC’s are independent logic units that can run just fine for hours (or days, or weeks) without any contact whatsoever from the C&C system. You want the large scale oversight of course, it’s just that you are not wholly dependent upon it.

With a layered control system like this you can suffer minor outages in any layer and the remaining layer can remain functional. Not that systems failures are good of course! However this is a very strong fault tolerant system design.

Also, and to be fair, Windows is much better than it used to be. I speak from experience. It’s fully auditable, event logged and reasonably secure. If you have a non-BS SCADA deployment, you can easily add ECC DRAM, RAID mass storage, test environments, application whitelisting, driver signing, even clustering. All these go a long, long way to improving uptime performance.

On the other hand, if you are targeted by a spook as the OP suggested, chances are your security will be seriously tested. Weak links exist in any system and a pro knows how to find them.

By: vel

vel — Tue, 28 Sep 2010 15:25:47 +0000

why do people use Windows? Because it’s out there and it has people supporting it that are paid to work on its problems, rather than freeware where you have to hope someone gets around to your particular bug.

By: HW

HW — Tue, 28 Sep 2010 14:54:07 +0000

There exists many Human-Machine Interfaces that are designed to run on Windows. These (Windows based) intefaces are very common in almost every industry.

By: Dante The Canadian

Dante The Canadian — Tue, 28 Sep 2010 14:51:02 +0000

THAT is a GREAT Question Jennifer. If it is so susceptible to viruses and malware why is it still being used? Especially for infrastructure and military needs?

Does anyone doubt that the US had a hand in this? For a nation which has sworn a ‘war on terror’ this sure stinks of terrorism.

By: Jennifer Welsh

Jennifer Welsh — Tue, 28 Sep 2010 13:26:08 +0000

The real question is: Why are they using Windows to control our infrastructure?

Jen

By: nick

nick — Tue, 28 Sep 2010 03:57:44 +0000

“Thousands die, plant still spewing toxins.” Yeah, it is a bit on the melodramatic side because we’ve seen what happens. It happened in Russia a couple years back, it happened in the Gulf of Mexico this summer. A few people died, there was a cleanup effort.

“And some experts, like Eugene Kaspersky, co-founder and CEO of the Russian cyber-security firm Kaspersky, worry that this is just the first of a string of government-mediated software attacks.”

Same thing was said about atomic bombs. Somehow, despite all the hand wringing and pants-sh***ing, we survived.

[moderator's note: edited the cuss word.]

By: Vermont Hermit

Vermont Hermit — Tue, 28 Sep 2010 01:15:25 +0000

Why do I get sick to my stomach, thinking about the possibilities? Next major terrorist attack on country “x” sends chemical plants out of control. Thousands die, plant still spewing toxins. Mass evacuations. Ok mabye a bit on the melodramatic side but you get the point.

By: Rhacodactylus

Rhacodactylus — Tue, 28 Sep 2010 00:20:24 +0000

Sweet, I’ve seen this movie, this is the one where Angelina Jolie gets topless right?