Originally posted by camaro68ss
sweet, so hackers can upload vireses into planes and now crash them into buildings remotely? Whos side are we on anyways?
But I doubt the aircraft mechanics will see this thread, if that's what you really wanted to know about.
Then the question becomes, how good is the security?
Originally posted by Frater210
Thanks for the stuff on Qantas. I am guessing that they can take control of the plane as well but this is where we need our aircraft pros.
Noted and thank you. One of the major security concerns about these devices (SCADA) is that they aren't networked and that their physical Inaccessibility makes them a null target. We know they are connected (networked) from our Australian friend's article, and if the Inaccessibility thing were true then how do you explain what is happening in Iran with the power plants?
And what do you suppose the SCADA controllers are running? You guessed it (even if you guessed Windows) It’s UNIX…
See what Stuxnet attacks? That’s right; the SCADA controllers that are running UNIX.
I am guessing that they can take control of the plane as well but this is where we need our aircraft pros.
it's cause of the way that most sec / pen test guys try to gain publicity by "proof of concept" attacks that can barely be done while having full access to a system. In any case the article also mentions the IP6 switch but what the security guy didn't take in account is that if a system is outdated it wont be having SCADA with IP6. And as it was raised already by him and others I'm sure this will be taken in account with most implementations.
747s are giant flying UNIX hosts sporting fully hackable Seimens SCADA controllers.
"We managed to break the VLANs and access other systems and with source routing could access the Engine management systems. The response, "the engine management system is out of scope.""
"They filter incoming traffic, but all outgoing traffic is allowed."
"At the time, the engine management system on this particular airline was Solaris based. The patching was well behind and they used telnet as SSH broke the menus and the budget did not extend to fixing this. The engineers could actually access the engine management system of a 747 in route. If issues are noted, they can re-tune the engine in air."
Craig Wright is the VP of GICSR in Australia. He holds both the GSE, GSE-Malware and GSE-Compliance certifications from GIAC. He is a perpetual student with numerous post graduate degrees including an LLM specializing in international commercial law and ecommerce law, A Masters Degree in mathematical statistics from Newcastle as well as working on his 4th IT focused Masters degree (Masters in System Development) from Charles Sturt University where he lectures subjects in a Masters degree in digital forensics. He is writing his second doctorate, a PhD on the quantification of information system risk at CSU.
"See what Stuxnet attacks? That’s right; the SCADA controllers that are running on UNIX.
Now for the automation interface (SCADA on UNIX *sometimes*) that our hacker friend is talking about.
Frater210, It seems that your clarification is less clear than the original post that you were trying to clarify.
SCADA is a technology, not a specific hardware platform or a specific software platform or a specific combination thereof. SCADA consists of both hardware and software.
No. An industrial controller is hardware. UNIX is software. In english, Software runs on hardware. Hardware does not run on software.
SCADA is not an automation interface. An automation interface(HMI) is usually part of the software of an industrial system, although it is perfectly possible for the system to have no need for it, and hence not have it.
It appears that you are convinced that SCADA is software that is running on top of a host OS which runs on top of a hardware platform, when in fact it is all of the above.
As for UNIX, it is not one thing. today it is different things to different people and many things from many vendors. It can be true Unix, BSD or AT&T derived, or Unix-like, such as GNU/Linux etc. Both branches are now open source under different schemes, so Unix is in a sense under control of the people.
This is true, and it is not limited to aircraft. Many more types of industrial systems are vulnerable to disruption, because some corporate cost-cutter decided that it was cheaper to hook two locations up to the internet than paying for a dedicated line between them.
I read through some of those paste-bin posts and from what I have read, there is pretty much a cyber war going on.
I really don't want to link to much of the material because I really do not want these people mad at me but if you read through some of the paste-bins.
There seems like a dialogue going on where this 21 year old hacker is quite pissed off about the hack on Iran's reactor.
Hi again Some more clarification seems to be needed... a) What you did affected Iranian users, you attacked Iranian people, etc. etc. etc. bla bla bla First of all people against Iranian government or Islam, even if they live inside Iran, we can't count them as Iranian people, I can't! If they get power to harm Islam and Iranian government, spying for foreign spying agencies (Mossad, CIA, MI6), they won't miss it. If they get paid from a foreign secret service, they can gather and send ANY information THEY CAN. These are not people of Iran, these type of people was my target, not normal people, people who don't have anything to do with secret services, Iran's enemies, Islam's enemies, etc. Second: this time attack was limited to Iran, next time, I'll own as more as gateways in Israel, USA, Europe, as more as ISPs and attack will run there. You know man, I give promises and I keep them, I say words and they just happen, I told you wait and see previous time (Comodo case), now you see more. For an example ask a little from LMI.NET Berkley's ISP, ask about user Todd and password loc!666 (for example), ask if they detected that I was owned their all Linux boxes and I got access to their DNS servers, you see? I'm really sharp, powerful, dangerous and smart! I told in Comodo hack case that I rule the internet, I'll bring equality of controlling internet like USA for myself and you see I'm simply doing it, huh? How you are going to stop me you Mossad animals? Like this: www.silviacattori.net... ? Israel still lives in age of stones, they kill people they just can't see, they kill Palestinian children and women, believe me, they shouldn't exists in this world. Hope to see that day soon... Third: Do you know meaning of "Unstoppable Genius Digital Hacker?" b) Some small brains said in their articles that it was easy hack, passwords was weak, it was a simple DNN bug, etc. etc. etc. bla bla bla blaaaa First: If I gave all hackers of the world, ALL hackers by it's real meaning, they wouldn't be able to reach that network behind all those firewalls, routers and final networks without any access to internet which even doesn't have internet connection. So shut the .... Second: You think I generated SSL and code signing certificates by sending some SQL queries or sending some requests or using some ready made in desktop applications with 1234 password default? Ahhh man! Stop taking people's work easy... There was netHSM with OpenBSD OS, only 1 port open, totally closed/protected with RSA SecurID and SafeSign Token management systems, they had around 8 smart card totally (a company with a lot of employees, only 8 smart card for SSL generation), you see? It's not "simple DNN bug", ok? I had remote desktop access in last RSA Certificate Manager system which had no any connection to internet, all files was coded in XUDA (there is no reference to XUDA programming language, even a single line), no one can access those server via Remote desktop, there was enough firewalls and routers which even blocked their own employeee to access that network. That network had different domain controller with different users, man! There is so much thing to explain, I'll do it later, just know it is most sophisticated hack of all time, that's all! Third: You only heards Comodo (successfully issued 9 certs for me -thanks by the way-), DigiNotar (successfully generated 500+ code signing and SSL certs for me -thanks again-), StartCOM (got connection to HSM, was generating for twitter, google, etc. CEO was lucky enough, but I have ALL emails, database backups, customer data which I'll publish all via cryptome in near future), GlobalSign (I have access to their entire server, got DB backups, their linux / tar gzipped and downloaded, I even have private key of their OWN globalsign.com domain, hahahaa).... BUT YOU HAVE TO HEAR SO MUCH MORE! SO MUCH MORE! At least 3 more, AT LEAST! Wait and see, just wait a little bit like I said in Comodo case. P.S. In wikipedia of SSL, it should be added for future that I caused to remove SSL or CA system security model, I have a special idea for private communication via browsers which could be used instead of SSL, but why should I share it and cause trouble for my own country? When USA and Israel can read all emails they want in Gmail, in Yahoo, data in Facebook, Twitter, etc. How my country should control those services? I'll help my own country for it as I did and you saw it. If my country get equal right as USA in controlling emails, I may share my brilliant unbreakable encryption system for replacement of SSL and CA system. World is shocked just by my Comodo and DigiNotar hack, what would happen if I show my other skills in cryptography, cryptanalysis, binary analysis (assessment), reversing, kernel programming, other high profiles servers I hacked and extracted all needed information from them, etc. etc. Ohhh! May they change internet model, hahahahaaaaa P.S.S. never forget, I'm just 21, you have to see much more from me! By the way, I heard that Comodo CEO (poor Melih) have talked again and said it was again State sponsored and I'm not a single hacker bla bla... Dear Melih, please wake up, I'm the only hacker, just I have shared some certs with some people in Iran, that's all... Hacker is single, just know it
Problem of World: Missing Equality. Some authorities thinks they rule the world, like USA and Israel, they think digital world totally belongs to them, they are simply wrong. Let me tell you some examples with references: ---------------------------------------------------------------------------------- a) Microsoft Patches Stuxnet worm about 2 years later. They say they MISSED! it: www.computerworld.com... How come they MISS! Stuxnet bug, but they issue an update within some days for my digital certificates? MISSING EQUALITY 1 ---------------------------------------------------------------------------------- b) FBI cannot see/find/detect/catch HBGary CEO for spreading malware in Middle East for movie themes: english.aljazeera.net... But they try to catch me in miles away from USA? MISSING EQUALITY 2 ---------------------------------------------------------------------------------- c) No one asked a single question from USA or Israel authorities, even level 5 authorities about Stuxnet malware, why they afforded millions of dollars for destroying a nuclear facility in Iran, what would have happened if they were successful in their mission, nothing at all (there is no reference/link for something that doesn't exists) But they tried to ask questions about Comodo attack which ONLY I was behind it from my country's ambassador. MISSING EQUALITY 3 ---------------------------------------------------------------------------------- d) USA and Israel owns a lot of nuclear war heads: www.reuters.com... Israel owns most of dangerous weapons of the world: en.wikipedia.org... USA used nuclear bombs one time: HIROSHIMA No one talks about it, no one research about Israel's hidden nuclear activities, no one talk about their warheads. But ALL THE WORLD try to stop Iran's nuclear enrichment program which is ONLY for producing energy: news.xinhuanet.com... MISSING EQUALITY 4 ---------------------------------------------------------------------------------- e) USA builds HAARP, they can create earthquakes, destroy world or a part of it, nobody asks why? No any single question. They build Echelon, they can spy on all signals of world, nobody asks why? What do you want to do with it? Why you afford billion of budget on it? Can't you afford it for building something useful for your country's people? Nobody worries, no problem exists at all. No question, no answer at all. But when my country's army builds a new missile, all press writes about it and all gets worried. What's your problem? Why do you worry? What's the matter? All the world countries own missiles, they are for protecting a country. It's simple. MISSING EQUALITY 5 ---------------------------------------------------------------------------------- You see? There is so much thing to be fixed in the world, when nobody tries to solve this problem, I'll try. I'll try to solve such problems in my own method, as much as I can. I can't do anything on nuclear stuff, but how about digital world? I'll do anything I want, anything I can in digital world and nobody should talk about it, I'll bring equality in my own method in my field. Wait for it... Hope to have a world full of equality for all
Got it. I suspected as much; the hardware being these physical units that are referred to as 'industrial controllers' and the software that translates that output to a GUI. Have I got that right? Then the GUI would run on the host OS which is running on a server. Hope I got that.
This is really interesting. So some industrial controllers do not bother with a software package. Is that because it is multiple devices networked to a server of some kind? Or do they just fire and forget, so to speak?
So, no, I knew that the SACDA were a combination of hardware expressed by a software package. I think I am starting to get this but I don't have the terminology and language together enough to express it with precision. I think I did think for a while that the SCADA hardware was somehow running Unix, but having had to correct this thread and your help have snapped me out of it.
As far as we having control of our Unix is concerned, I suppose it may just be paranoia. But I am sure you know that, for instance, telnet cannot be reached any longer from the command prompt on the last two iterations of Windows and Windows 8 looks like a cell phone. I am concerned about what I am perceiving to be a distancing of people from the true power of computing. Am I totally off base here?
Thank you so much for understanding. This is precisely the direction that I had hoped this thread would take. But, being as it is that it had to do with 747s, I did not anticipate that it would go straight to the idea of 'terrorists taking over the planes by remote control'. So thanks again.
Siemens S7 hack
At Black Hat, NSS researcher Dillon Beresford demonstrated how to hack a Siemens S7 computer, gain read-and-write access to the memory, steal data, run commands and shut the computers off. All this is very bad when you consider these devices are used to control machines in factories, utility networks, power plants, chemical factories and the like -- a major security threat. His findings were so troublesome that he pulled out of an earlier conference where he'd been scheduled to present the information until Siemens could patch the vulnerabilities he exposed. And the Department of Homeland Security monitored his talk to make sure it didn't reveal too much.
At Black Hat, NSS researcher Dillon Beresford demonstrated how to hack a Siemens S7 computer, gain read-and-write access to the memory, steal data, run commands and shut the computers off.