Approval?
This would only be happening with Government approval.
An espionage attack on Telvent - the maker of power-grid control systems and smart meters - has been linked to a prolific Chinese hacking crew. Telvent, a division of Schneider Electric, has admitted hackers breached its corporate network, implanted malicious software and lifted sensitive project files. The raid spanned …
...........that the assumptions we so often see reported in the press accurately reflect the motivations behind this particular raid.
It is possible that it was straightforward industrial espionage carried out on behalf of a Chinese company operating in the same area. The automatic assumption that if it has anything to do with China then it must be a government-sponsored attack pursuing a cyber-war agenda is nothing more than just that, an assumption. The assumption may indeed sometimes be correct, however it is highly likely that the situation is more complex and varied than tabloid headlines would suggest. However, it is certainly perfectly possible that private criminals might use this information to carry out a "your money or your networks attack" as indicated in the article.
The value of anything the Chinese may or may not have is based solely on the one doing the appraisal of the item in question. A bag of almonds may not have much value to one person, but have significant value if another were hungry.
In any event, the Chinese, in fact, now have something worth stealing. The fact they have the information cannot be changed and any retaliation will not change it either. All that can be done is to stop future incursions into American systems.
However, what I have seen, first-hand as well as in the media, suggests that bolstering our networks will not happen anytime soon. Far too many administrators roll out security as if it were a set-it-and-forget-it item.
Given the already apparently fragile state of US power grids, I'd wager that the Chinese would rather go for a target that isn't already prone to falling over en masse by itself on occasion.
However, it does go to show that industry still seems to be lagging somewhat on security implementation, even if the resources are out there to do so. Maybe the US could divert more of its grotesquely huge war budget to securing its online presence? Cyberspace could be the new Wild West, give 'em a chance to feel all pioneering and brave again! ;O)
Or it could be connected to Britain's growing use of windfarms. China wants to increase the use of wind. Good wind is relatively cheap, and even cheaper when a country both makes the turbines and can use it to displace imports, coal and gas in China's case.
It could just be _industrial_ espionage.
Little or nothing to do with the UK. Schneider Electric are a French company, Telvent is its Spanish subsidiary (see laughable press release about security at bottom, BTW), and offices in the US and Canada were hacked.
It's nigh on certain that some UK power companies have Telvent and Schneider kit installed, but the Chinese won't be hacking Telvent for any UK angle. At the moment the Chinese and Russians are most welcome by the British government because they are the only people who look likely to invest in the proposed nuclear programme. Why hack when you can just wave a bunch of used fivers and be invited in?
Now laugh at this:
http://www.telvent.com/en/business_areas/environment/news_center/2012/Telvent-Partners-with-Industrial-Defender-on-Cybersecurity-for-SCADA-and-ADMS-Solutions.cfm
I don't know, but I think critical infrastructure like the power grid for example should under no circumstances have its command and control systems connected to the damn internet.
Sure it's convenient and connectivity is cheap, but the power grid is far too important to trust to anything less than a dedicated, encrypted, access-controlled network that is completely isolated by firewalls and an airgap from the open internet.
That way you could *give* the hackers all the tech details they want; without the appropriate access control hardware and connection details the information is worth nothing.
You are essentially calling for an "energy grid control intranet". It suffers the weakness of all intranets: a single "accidental" connection to the outside world will compromise it.
Sneaking into a (say) foreign transformer station and plugging in a mobile phone plus a flat-rate data SIM card is within the capabilities of at least 50 nations. Then mess with the "secure intranet" for the next five weeks, until the losers stumble upon the phone while investigating a short circuit caused by a rodent.
No, the whole control net needs resilience, lots of independent zones which are each strongly firewalled. And it does not hurt to route the control traffic over the internet if it is strongly encrypted and the tunneling software properly done.
The problem lies with the cavalier attitude of the leadership. Security does not bring higher quarterly results.
If someone can sneak into your facility and connect random gear to your network then you fail at security on several levels.
First, the lack of security at a site: even a simple microswitch on a cabinet door alerting the control center of an unauthorised opening of an electrical cabinet is all it takes to thwart this type of attack. The controllers would know of any impending maintenance on a cabinet and could dispatch security and a technician to check the site as soon as the alarm goes off.
Secondly, the lack of network access control. If your ultra-secure and critical network allows random gear to be connected and have it just work with full access to everything, then you have issues. I have wifi access to my home LAN and I have a list of MAC addresses that are whitelisted; it's not hard to configure. Being able to just plug in a piece of gear and have it work is just poor security.
Then the firewalls and VPN routing over the public internet. The only way to stop a zero-day exploit attack on critical infrastructure is an air gap. State-sponsored actors will have the means to exploit unknown vulnerabilities on hardware and software. If they can't physically connect to it then they can't attack it.
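The two controls the post above describes, a cabinet-door contact checked against the maintenance schedule and a per-port MAC whitelist, reduce to a small correlation job over site events. The following is an added example written for this page, not code from the thread, from Telvent or from any grid operator; the log line format, site and switch names, maintenance window and MAC addresses are all constructed for illustration. The caveat a practitioner would add: a MAC whitelist only catches a device that keeps its own address. An attacker who unplugs a field device and clones its MAC passes the port check, so the unscheduled door-open event is the stronger signal and the two should be read together, as the script does.

```python
"""Correlate cabinet door-contact events and switch MAC-learning events
against a maintenance schedule and a per-port MAC whitelist.

Added example for this page; the event format, names and sample data
below are constructed for illustration and belong to no real system.
"""
from dataclasses import dataclass
from datetime import datetime

# Constructed maintenance schedule: (site, cabinet, window start, window end).
MAINTENANCE = [
    ("TX-STN-04", "CAB-2",
     datetime(2012, 9, 26, 9, 0), datetime(2012, 9, 26, 12, 0)),
]

# Constructed per-port whitelist: (site, switch, port) -> set of allowed MACs.
ALLOWED_MACS = {
    ("TX-STN-04", "sw1", "Gi0/3"): {"00:1b:1b:aa:bb:01"},
    ("TX-STN-04", "sw1", "Gi0/4"): {"00:1b:1b:aa:bb:02"},
}

# Constructed event log: "<ISO timestamp> <site> <kind> <key=value ...>".
SAMPLE_LOG = """\
2012-09-26T10:15:00 TX-STN-04 DOOR cabinet=CAB-2 state=open
2012-09-26T10:16:10 TX-STN-04 MAC switch=sw1 port=Gi0/3 mac=00:1b:1b:aa:bb:01
2012-09-26T22:40:00 TX-STN-04 DOOR cabinet=CAB-7 state=open
2012-09-26T22:41:30 TX-STN-04 MAC switch=sw1 port=Gi0/4 mac=8c:3a:e3:12:34:56
2012-09-26T22:41:35 TX-STN-04 MAC switch=sw1 port=Gi0/9 mac=8c:3a:e3:12:34:56
"""


@dataclass
class Alert:
    when: datetime
    site: str
    reason: str


def parse_line(line):
    """Split one constructed event line into (timestamp, site, kind, fields)."""
    ts, site, kind, *kv = line.split()
    fields = dict(pair.split("=", 1) for pair in kv)
    return datetime.fromisoformat(ts), site, kind, fields


def in_maintenance(site, cabinet, when):
    """True if a scheduled maintenance window covers this cabinet at this time."""
    return any(s == site and c == cabinet and start <= when <= end
               for s, c, start, end in MAINTENANCE)


def check_events(log_text):
    """Return alerts for unscheduled cabinet openings and unexpected MACs."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, site, kind, f = parse_line(line)
        if kind == "DOOR" and f.get("state") == "open":
            # A door contact firing outside a known maintenance window is the
            # signal the controllers act on, regardless of what follows on the net.
            if not in_maintenance(site, f["cabinet"], when):
                alerts.append(Alert(when, site, f"unscheduled open of {f['cabinet']}"))
        elif kind == "MAC":
            key = (site, f["switch"], f["port"])
            allowed = ALLOWED_MACS.get(key)
            if allowed is None:
                alerts.append(Alert(when, site,
                                    f"MAC {f['mac']} on unprovisioned port {f['port']}"))
            elif f["mac"].lower() not in allowed:
                alerts.append(Alert(when, site,
                                    f"unknown MAC {f['mac']} on {f['port']}"))
    return alerts


if __name__ == "__main__":
    for a in check_events(SAMPLE_LOG):
        print(a.when.isoformat(), a.site, a.reason)
```

On the constructed sample the 10:15 opening of CAB-2 falls inside its maintenance window and its known device on Gi0/3 is silent, while the 22:40 opening of CAB-7 followed by an unknown MAC on Gi0/4 and the same MAC on an unprovisioned port produce three alerts in sequence.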
"If someone can sneak into your facility and connect random gear to your network then you fail at security on several levels."
As the OP suggested, you just need any point of access. Your assumption that you can successfully monitor every remote site shows a disregard for the costs and practicality (speaking as a former employee of a grid operator). If somebody has the will to do it, then you'll find that they won't be thwarted by a bit of common or garden car-alarm technology. Maybe you'd want to up the defensive stakes, but the point remains that you can't guard all of a public infrastructure, as metal thieves regularly demonstrate, despite remote monitoring by a 24 hr control centre.
Everything connected to a power distribution control system should be by wire, preferably with extra shielding - absolutely no WiFi or similar - and fully disconnected from the normal office network and the internet. Any connected system or workstation not within a secured and guarded room should have its CD and floppy disk drives removed and any serial, parallel, or USB ports plugged with epoxy. Even better, the internal disk drive should be removed and the storage be supplied by NFS or iSCSI from servers within the above mentioned secured and guarded room. Measures need to be in place to ensure physical network security and integrity as well. Engineers and technicians who don't want to have to come to the installation to work need to find other employment. Have we learned nothing from the Iranians' atomic energy "misfortune?"
Having seen parts of a power control network, I think they have a few tricks up their sleeves that you haven't considered, although in other areas you take it to the logical extreme that they aren't willing to do.
But shielding is not required when you use fibre for everything, and they use that for electrical isolation as well as for security.
Actually, maybe their designs could be considered shielding, as site-to-site fibre comms has the fibre embedded in the high-voltage wire, effectively shielding the fibre optics from miscreants with 115kV.
Still, nothing is perfect and they still run around with laptops to deal with the control grid, and these devices still connect to the main corporate intranet and the internet, I'm sure. I still don't think it'd be trivial to attack remotely though.
If your product is only considered secure with the confidentiality of the source code, plans, diagrams, etc... It wasn't secure to begin with.
Granted, developing an exploit may be easier if you have access to design materials, but the hole/bug/vulnerability itself was already present.
Even China's leaders acknowledge that their current course is unsustainable, hence purchasing huge swathes of agricultural land in Europe, South America and Africa. It is therefore likely there will be some type of conflict as they try to protect their interests, hence the stealth jets, aircraft carriers etc. They are looking to widen their reach. A few years ago a colleague suggested several options in regards to the increasing military use of cyber attacks and espionage by the Chinese, all of which points to a conflict in the next 150 years.
To avoid this there are several options that should be taken now.
Completely excluding them from the world wide web, whether physically or shutting them out via firewalls and exclusion of Chinese characters in operating systems and browsers.
Blockade all trade and technology transfer to China.
Imposition of a political ban on the Communist party and their little Princelings who like living in the west, fake or bought degrees from Harvard and Ferraris paid for by graft.
A population cull
and his most extreme suggestion being the "Nuclear option"