Modem-wiping malware caused Viasat satellite broadband outage in Europe

Tens of thousands of Viasat satellite broadband modems disabled in a cyber-attack some weeks ago were wiped by malware with possible links to Russia's destructive VPNFilter, according to SentinelOne. On February 24, as Russian troops invaded Ukraine, Viasat terminals in Europe and Ukraine were suddenly and unexpectedly knocked …

  1. arthoss

    NATO being attacked?

    Yeah, so it won't be long till this shit will be considered an attack if done from Russia towards a NATO country. We're lucky we didn't have a storm in Germany, which could have destroyed turbines.

    1. Paul Crawford Silver badge

      Re: NATO being attacked?

      Surely the wind turbines would have autonomous safety features to limit speed independently of any communication link being up?

      Had they re-programmed limits, etc, in the Stuxnet manner it would be a rather different kettle of fish.

      1. arthoss

        Re: NATO being attacked?

        really? ok that's nice, thank you

  2. Death_Ninja

    Ukrop

    Given that "ukrop" is a derogatory term used by Russians to describe Ukrainians... I think it's a bit of an obvious one.

    1. DS999 Silver badge

      Re: Ukrop

      I had just assumed it was short for "Ukraine operation", and that the Russian word for operation (or similar) must start with 'op'.

      But more like naming WWII malware binary "jap" if computers had been in wide use 80 years ago I guess?

  3. Mike 137 Silver badge

    "modems were commanded by their compromised support servers to run destructive malware"

    Oh, the joys of automatic updates!

    Every administrative task should always be actively authorised at the recipient side, so updates should be offered but not automatically installed.

    1. Andy The Hat Silver badge

      Re: "modems were commanded by their compromised support servers to run destructive malware"

      I'm still a fan of a hardware or local software switch to physically enable the flashing of firmware.

      I need a placard to march on Downing Street, "Bring back jumpers! (Tank tops are good too)"

    2. Yet Another Anonymous coward Silver badge

      Re: "modems were commanded by their compromised support servers to run destructive malware"

      >Every administrative task should always be actively authorised at the recipient side

      So millions of unpatched phones and cable modems on the internet until Granny remembers it's patch thursday, after her bridge club.

      1. Mike 137 Silver badge

        Re: "modems were commanded by their compromised support servers to run destructive malware"

        "until Granny remembers it's patch thursday"

        or preferably, the vendor's devs were to make fewer crass coding errors in the first place. It's not as if modem firmware is generally a humongous piece of code. Many reported 'vulnerabilities' have been of a kind - e.g. hard-coded credentials - that should never have been perpetrated.

        As I've said before, the common assumption that it's acceptable to release broken software must change.

    3. DS999 Silver badge
      FAIL

      So what you're saying is

      You'd rather see these modems never get a security update? That's what would happen.

      Because most sites with satellite modems won't know its password. They pay Viasat for a service, and Viasat manages the hardware that provides that service. That's also true for stuff like firewalls for small businesses - do you think e.g. a restaurant that has a firewall device to protect their POS network from hackers has someone on staff qualified to login to it and decide when to update? No, the company that supports their POS system supports the firewall.

      Never mind if the policy applied to consumer gear. Why do you think we went the route of automatic updates? It was because if we didn't then most stuff would never see a single update. Even if you have disabled automatic updates, most of the time you will be "reminded" every few days of available updates because otherwise many people would never update them.

      Now theoretically if you had some modems apply the fix on the day it was available, some apply it a day later, and the rest three days later then something like this would hit fewer people assuming it was caught and stopped in time. It would also leave more people vulnerable if a 0 day had been found and fixed - because someone looking at the fix can probably determine what was fixed and therefore what the hole is, and attack the poor slobs who are getting the fixes on a delayed basis.

      There is no "best way" to do this, but requiring the end user to apply fixes is the dumbest thing I've heard on the Reg in a while, and that's saying something.

    4. John Brown (no body) Silver badge

      Re: "modems were commanded by their compromised support servers to run destructive malware"

      "Every administrative task should always be actively authorised at the recipient side, so updates should be offered but not automatically installed."

      By the owner? Maybe the kit is leased. That makes either the ISP or ViaSat the owner.
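The thread above argues over three controls: Mike 137's recipient-side authorisation, Andy The Hat's physical flash-enable, and DS999's staged rollout. The Go program below is an added example, not Viasat's code or anything from the SentinelOne report or the commenters, showing how a modem can combine all three so that a compromised support server, which in the article's scenario is the one issuing the wipe command, cannot get an image onto the flash by itself. It assumes a hypothetical design in which the vendor signs a release manifest with an ed25519 key held offline and the modem pins only the public half; the manifest layout, the wave numbering and the sample images are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Manifest is what the support server hands to the modem along with the image.
// Signature is made with the vendor's release key, which (in this hypothetical
// design) lives on an offline host and never on the support server, so a
// compromised server can relay a manifest but cannot mint one.
type Manifest struct {
	Version   uint32   // monotonic firmware version
	Digest    [32]byte // SHA-256 of the image
	Wave      uint8    // highest rollout wave this release is open to
	Signature []byte   // ed25519 over Version || Digest || Wave
}

func (m Manifest) signedBody() []byte {
	b := make([]byte, 4, 4+len(m.Digest)+1)
	binary.BigEndian.PutUint32(b, m.Version)
	b = append(b, m.Digest[:]...)
	return append(b, m.Wave)
}

// Sign is the vendor-side step on the offline release host.
func Sign(releaseKey ed25519.PrivateKey, version uint32, image []byte, wave uint8) Manifest {
	m := Manifest{Version: version, Digest: sha256.Sum256(image), Wave: wave}
	m.Signature = ed25519.Sign(releaseKey, m.signedBody())
	return m
}

// Modem is the device-side state needed to decide without trusting the server.
type Modem struct {
	ReleaseKey   ed25519.PublicKey // pinned at manufacture
	Installed    uint32            // running version, for anti-rollback
	Wave         uint8             // rollout wave this unit belongs to (0 = canary)
	FlashEnabled bool              // local consent: jumper, switch or operator opt-in
}

var (
	ErrFlashLocked  = errors.New("flashing not enabled locally")
	ErrBadSignature = errors.New("manifest not signed by the release key")
	ErrDigest       = errors.New("image digest does not match manifest")
	ErrRollback     = errors.New("version is not newer than the installed one")
	ErrNotMyWave    = errors.New("release not yet open to this unit's wave")
)

// Accept is the only path to the flash. Nothing the support server says is an
// input: it merely transports the manifest and the image.
func (d *Modem) Accept(m Manifest, image []byte) error {
	if !d.FlashEnabled {
		return ErrFlashLocked
	}
	if !ed25519.Verify(d.ReleaseKey, m.signedBody(), m.Signature) {
		return ErrBadSignature
	}
	if sha256.Sum256(image) != m.Digest {
		return ErrDigest
	}
	if m.Version <= d.Installed {
		return ErrRollback
	}
	if d.Wave > m.Wave {
		return ErrNotMyWave
	}
	d.Installed = m.Version // the actual flash write would happen here
	return nil
}

// Demo walks one unit through the failure modes discussed in the thread.
// Keys and images are constructed for the example.
func Demo() map[string]error {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	unit := &Modem{ReleaseKey: vendorPub, Installed: 10, Wave: 2, FlashEnabled: true}
	wiper := []byte("constructed: image that overwrites the flash")
	good := []byte("constructed: vendor firmware v11")
	out := map[string]error{}
	// Compromised support server pushes a wiper signed with its own key.
	out["forged"] = unit.Accept(Sign(attackerPriv, 11, wiper, 9), wiper)
	// Genuine manifest relayed with a swapped image body.
	out["swapped"] = unit.Accept(Sign(vendorPriv, 11, good, 9), wiper)
	// Genuine but older release replayed to reintroduce a fixed bug.
	out["rollback"] = unit.Accept(Sign(vendorPriv, 9, good, 9), good)
	// Genuine new release, still only open to the canary wave 0.
	out["early"] = unit.Accept(Sign(vendorPriv, 11, good, 0), good)
	// Release opened to wave 2, but the operator has not enabled flashing.
	unit.FlashEnabled = false
	out["locked"] = unit.Accept(Sign(vendorPriv, 11, good, 2), good)
	unit.FlashEnabled = true
	out["applied"] = unit.Accept(Sign(vendorPriv, 11, good, 2), good)
	return out
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-8s %v\n", name, err)
	}
}
```

The trade-off DS999 raises does not go away: the wave field only lets the vendor widen a rollout by re-signing the manifest, so units in later waves stay exposed to whatever the release fixes until their turn comes, and a unit with FlashEnabled left false indefinitely is the "never updated" case. What the gate does buy is that the push channel alone is no longer sufficient to run code on the device.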

  4. Justthefacts Silver badge

    Data backhaul Redundancy?

    So, critical energy infrastructure like wind turbines doesn’t have dual-redundant data backhaul? That’s completely unprofessional. No gas or nuclear generator would even be allowed onto the grid like that, in the U.K. certainly.

    1. Pascal Monett Silver badge

      Re: Data backhaul Redundancy?

      First of all, wind turbines are not critical energy generation thingies - they're a welcome accessory, when they work, that is. Second, wind turbines have trouble spontaneously blowing up, and even more trouble irradiating the countryside.

      The worst that can happen is that they lose their blades, and that would still be a local incident with a drop in production. Maybe the support could be damaged as well, but replacing a wind turbine is a sight easier than replacing a gas generator (let's not even think about replacing a nuclear power plant).

      So, all in all, a single data line just might be an acceptable choice.

      Besides, your dual backhaul would have been just as screwed if they had the same routers on both lines. And don't tell me that they wouldn't. The beancounters would not allow a more costly solution.

      1. heyrick Silver badge

        Re: Data backhaul Redundancy?

        "Maybe the support could be damaged as well"

        What do you mean "maybe"? Pretty much every video I've seen shows blade damage (or loss) leading to instability which tilts or shakes the head causing the blades that remain to slice into the support pole and then, well, gravity.

        1. yetanotheraoc Silver badge

          Re: Data backhaul Redundancy?

          Selection bias?

      2. Alan Brown Silver badge

        Re: Data backhaul Redundancy?

        "Second, wind turbines have trouble spontaneously blowing up, and even more trouble irradiating the countryside."

        Treat them wrong and they have no trouble at all catching fire or tossing blades a couple of miles

      3. Justthefacts Silver badge

        Re: Data backhaul Redundancy?

        You’re very relaxed about wind turbines losing blades. So far, we’ve been very lucky. But the risks are pretty horrific, and it’s really only a matter of time. There are thousands lining U.K. motorways and train lines just meters from the vehicles. Just one blade loss there would probably cause dozens of lives lost on a motorway…or a thousand dead if it hits near a train.

        A major hurricane large-scale blade loss event on an offshore wind farm is actually much worse from a loss of life perspective. I won’t go into why, the giving-people-bad-ideas problem, but you can probably figure it out for yourself. Rather worse than Chernobyl, in worst case.

        The only thing scarier is hydroelectric power. The worst case disaster for a hydroelectric dam failure globally is *hundreds of millions* dead from a single event (Three Gorges, if/when it goes). For a bit of historical perspective, and currently quite relevant, suggest you read up on the Zaporizhzhia hydroelectric dam destruction in Ukraine. 20k-100k dead, and that was a *tiny* dam by modern standards.

    2. Boris the Cockroach Silver badge
      Boffin

      Re: Data backhaul Redundancy?

      Perhaps a better question would be

      "Why is your system management structure connected to the internet in the first place?"

      1. arthoss

        Re: Data backhaul Redundancy?

        I wonder too? Of course things are easier on the internet, but shouldn't they create some kind of secure network on top of the internet? Like the banks do.

    3. DS999 Silver badge

      Re: Data backhaul Redundancy?

      If wind turbines were located where broadband or cellular were available, why in the heck would they use satellite? The ones that are using it do so because that's the only thing available where they are located. Presumably offshore.

      1. Ken G Silver badge
        Facepalm

        Re: Data backhaul Redundancy?

        Here in Luxembourg none of the affected wind turbines were offshore.

  5. heyrick Silver badge

    access a trusted management segment of Viasat's KA-SAT satellite network

    Any trusted network connected to the public network is not trustworthy.

  6. Mr_Pitiful

    Wind Farm Remote access

    A few years ago, I had the pleasure of looking after a wind farm - (20 turbines)

    There was a central control access point on site, which monitored each turbine AND gave an operative remote access

    The dial-up number was a local area code STD BT line, but the turbines had satellite modems, for head office to monitor 24/7

    The surprising thing, to me, was the ability to disable access to the sat modems one at a time, and not site wide

    I guess back 15 years ago, people weren't writing malware for modems - or were they?

    1. ilmari

      Re: Wind Farm Remote access

      I suppose back in the days there was never really any reason to have windfarms idle in high winds? I wonder if that's the biggest use case for remote connectivity these days, to modulate production when electricity prices turn negative?

      (Instead of random powerplants tripping due to high frequency)

    2. DS999 Silver badge

      Re: Wind Farm Remote access

      They had a satellite modem per turbine? Why wouldn't the central access point have one satellite modem and share the connectivity between them all?

      1. Yet Another Anonymous coward Silver badge

        Re: Wind Farm Remote access

        Data cables are expensive, especially if your local regs won't allow you to run them in the same ducts as the power cables running from each turbine, or it requires the links to be fibre cos of lightning risk.

        1. John Brown (no body) Silver badge

          Re: Wind Farm Remote access

          Local wireless mesh network back to the local control shack? Sounds a lot cheaper than a sat link for each turbine. On the other hand, given the cost of each turbine, the connectivity is probably a blip on the balance sheet.

          1. DS999 Silver badge

            Re: Wind Farm Remote access

            Maybe the turbines each came with a satellite link back then, so there would be no benefit to coming up with a better way of managing multiple ones?

          2. Yet Another Anonymous coward Silver badge

            Re: Wind Farm Remote access

            Sat modem is cheap compared to the $$$$ cost of building and installing the turbine, and it lets you make them all identical.
