Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Offshore Drilling Rigs Vulnerable To Hackers

Soulskill posted more than 5 years ago | from the what-do-you-mean-software-needs-to-be-updated dept.

Security 116

Hugh Pickens writes "Foreign Policy magazine reports that a research team from the SINTEF Group, an independent Norwegian think tank, has warned oil companies worldwide that offshore oil rigs are highly vulnerable to hacking as they shift to unmanned robot platforms where vital operations — everything from data transmission to drilling to sophisticated navigation systems that maintain the platform's position over the wellhead — are controlled via wireless links to onshore facilities. 'The worst-case scenario, of course, is that a hacker will break in and take over control of the whole platform,' says Martin Gilje Jaatun, adding that it hasn't happened yet, but computer viruses have caused personnel injuries and production losses on North Sea platforms. The list of potential cyberattackers includes ecowarriors aiming to jack up an oil firms' production costs, extortionists drawn to oil firms' deep pockets, and foreign governments engaging in a strategic contest for ever-more-scarce global oil reserves, says Jeff Vail, a former counterterrorism and intelligence analyst with the US Interior Department. 'It's underappreciated how vulnerable some of these systems are,' says Vail. 'It is possible, if you really understood them, to cause catastrophic damage by causing safety systems to fail.'"

cancel ×

116 comments

Sorry! There are no comments related to the filter you selected.

A proper shell account (5, Funny)

Krneki (1192201) | more than 5 years ago | (#29200207)

Now, "I got a shell account" gets a whole new meaning.

Re:A proper shell account (1)

moon3 (1530265) | more than 5 years ago | (#29200829)

Imagine multiple shell accountS, steering a botnet of floating oil rigs. Run!

Re:A proper shell account (1)

sexconker (1179573) | more than 5 years ago | (#29203761)

Or swim leisurely alongside it.
They're not very fast.

Re:A proper shell account (1)

thePowerOfGrayskull (905905) | more than 5 years ago | (#29204009)

What is the sound of one joke flying far, far overhead?

Ahh, there it is! whooooooosh.

Astounding (3, Informative)

mysidia (191772) | more than 5 years ago | (#29200229)

computer viruses have caused personnel injuries and production losses on North Sea platforms

They run Windows-based control software, and don't take the most basic security precautions such as banning web browsing and operators from executing unsigned files on management consoles?

Even Microsoft will have in its smallprint ... (2, Insightful)

Viol8 (599362) | more than 5 years ago | (#29200257)

... (along with most other computer/OS manufacturers) that the OS is *NOT* to be used in situations where failure of the system may lead to injuries or loss of life. The fact that a consumer OS is being used at all, never mind one so suscpetable to malware, in a scenario wheres peoples lives may hang in the balance is frankly staggering.

in other nerd news, even twitter has XSS explots (-1, Offtopic)

ionix5891 (1228718) | more than 5 years ago | (#29200347)

http://twitter.com/apifail2 [twitter.com] :D [techcrunch.com]

So what? (1, Insightful)

Viol8 (599362) | more than 5 years ago | (#29200385)

We're talking about something a bit more critical than online text messaging for the facebook generation.

Re:So what? (0, Troll)

Anonymous Coward | more than 5 years ago | (#29200537)

Well, are we? XSS is a form of privilege escalation. You know there's a developer out there who builds a twitter client into an embedded system, so that the admin can get notifications on his cellphone and send remote commands when he's not on site... And don't say nobody would do that. They're running freaking aircraft carriers on Windows.

Re:So what? (1)

Viol8 (599362) | more than 5 years ago | (#29200827)

Fair point.

What is the alternative? (0)

professorguy (1108737) | more than 5 years ago | (#29203397)

The fact that a consumer OS is being used ... where people's lives may hang in the balance is frankly staggering

And your alternative is...? A specially built OS from Joe's basement? Yes, that will be much safer because we all know Joe is a pretty good programmer. And I can't see any problem with hiring people to work with, maintain, and extend Joe's system, because everyone will be so familiar with it. Yes, they'll be producing useful code in no time.

Most of the medical systems I work with (where lives hang in the balance) are plain ol' WinXP. It actually works out pretty well because finding someone who knows how to fix these systems is pretty easy. Seems like a reasonable tradeoff for the security problems since 99.999% of all service interruptions are not evil hackers, but a misconfigured system. Making it easier to do the rare stuff by making it harder to do normal stuff is a poor bargain.

Re:What is the alternative? (3, Insightful)

Mr. Freeman (933986) | more than 5 years ago | (#29209375)

You assume that the choices are:
A) Microsoft OS (which specifically states that it is NOT FOR USE WHERE PEOPLE MAY DIE)
B) Some fucking idiot with 3 days of C programming classes making a custom operating system.

Alright, I guess I have to explain this to you.
It is possible to hire experienced, knowledgeable people to develop custom operating systems. It is also possible to have that code thoroughly reviewed, tested, etc. to make sure it won't fail in such a way that people die.

Yes, it's more expensive to create/maintain/fix. But on the other hand, people won't die this way.

Seriously, do you use carabiners that say "not for climbing" when you go climbing because they're "cheaper" and "easier to replace"? If not, then you probably should so that you may rid us of your misguided thought that devices that say "NOT FOR USE WHERE PEOPLE MAY DIE" are perfectly suited to things where people may die.

Re:Astounding (2, Insightful)

Anonymous Coward | more than 5 years ago | (#29200363)

It confuses me to no end how many systems are based on Windows PCs, even though they only perform trivial tasks that wouldn't pose a challenge to something like a 16-bit home computer of 20 years ago, when operating systems booted of floppy disks and 2MB of RAM were luxurious. Those systems should run a stripped-down embedded OS, not a desktop OS. I've seen a self-checkout cash register system boot up: Java on top of Windows. Somebody got paid for that, handsomely too I suspect.

Re:Astounding (3, Informative)

Viol8 (599362) | more than 5 years ago | (#29200447)

"I've seen a self-checkout cash register system boot up: Java on top of Windows"

Back in the early 90s I used to work for a firm that did checkout software. When I arrived it was written in C with a large amount of assembler on top of DOS and ran at a blistering pace even on a 286. Then some gimp of a manager got taken to lunch by some greasy haired sales rep and next thing we knew it was being re-written in VB & Powerbuilder (yeah , I know, laugh now but people used to think it was cool) on top of Win 3.1.

Upshot? It ran at about 1/4 the speed and crashed far more often plus the PCs needed to be 386 minimum - cue lots of upgrading by customers.

Apparently they call it "progress".

Re:Astounding (1, Interesting)

Joce640k (829181) | more than 5 years ago | (#29200843)

The idea is to have something that people can maintain in the future. Maybe they didn't make the best of platform/language choices but there wasn't much else available at the time and the goal was the right one.

At least Windows is still around and can probably still run that app. If they'd chosen the "best" platform available on consumer hardware back then (maybe OS/2...) they'd have been just as badly off in the long term as if they'd stuck with MS-DOS.

Re:Astounding (0)

Viol8 (599362) | more than 5 years ago | (#29201213)

"The idea is to have something that people can maintain in the future."

Sorry - the idea is to provide the best value for money to customers. Charging more for something slower and less reliable that required them to upgrade their hardware while they were at it is not.

Re:Astounding (5, Insightful)

MrNaz (730548) | more than 5 years ago | (#29202639)

This whole thread is on the wrong track.

Safety on an oil rig should not be in software. It should be mechanical. A big fat mechanical-reflex operated titanium counterweight that closes a wellhead when pressure is lost can't be hacked in software. Yea, they can shut the rig down, but catastrophic permanent environmental damage is avoided.

The same goes for all last-line safety systems. They should be 100% mechanical, uninfluenced by these unreliable, capricious devices we call computers.

Re:Astounding (1)

Gizzmonic (412910) | more than 5 years ago | (#29204253)

The same goes for all last-line safety systems. They should be 100% mechanical, uninfluenced by these unreliable, capricious devices we call computers.

Totally agree...and I think most people who work IT for a living would agree with you.

Re:Astounding (1)

TooMuchToDo (882796) | more than 5 years ago | (#29204405)

I have no idea why you haven't been moderated to +5 yet. THIS! a thousand times. Always, always, always! build mechanical safety into your system. A computer control failure should never cause disaster (see: graphite rods dropping into a nuclear reactor during a scram).

Re:Astounding (1)

Teun (17872) | more than 5 years ago | (#29204447)

The ultimate safety is dealt with along lines like you propose, big valves that are self contained with autonomous power like spring loaded or Nitrogen charged.
But you don't ever want to get in a position where this ultimate protection is needed because the recovery is often extremely expensive.
And these days it is indeed, with some Unix exceptions, the rule that anything electronic is running on Microsoft products with all the associated problems.

Luckily there are still a few Old Hands out there that recognise a catastrophe in the making and are able to stop it but they are a dying breed...

Re:Astounding (1)

Mr. Freeman (933986) | more than 5 years ago | (#29209449)

More important than mechanical safety is redundant, reliable, tested hardware. E-stop switches aren't useful because they're mechanical. They're useful because they fail-safe (i.e. the system stops if the button isn't functional).

Re:Astounding (4, Insightful)

lysergic.acid (845423) | more than 5 years ago | (#29201737)

How is going from C + ASM on DOS to VB + Powerbuilder on Win 3.1 more maintainable? Are you seriously suggesting that all embedded systems should be running a desktop OS for maintainability reasons (or that no embedded software is maintainable)?

I remember using VB4 back in the day (Win98, I think) and even then the VB IDE had a hard time opening VB3 projects. Good luck trying to get Visual Studio 2008 to open a VB2 project. With C and ASM, at least you can code the project in a variety of IDEs--even plaint-text editors. What are you going to use to open an .frx file other than VB?

Furthermore, you can write maintainable C/ASM code for an embedded RISC/ARM processor just as you can write unmaintainable spaghetti code for an x86 Windows platform. If you're writing software for a desktop platform, you're going to have to update it every few years to keep up with changes in the mainstream desktop platform (new OS, new processors, etc.). If you're writing software for embedded systems then you'll only need to update your software when you decide that you want to change processors, chipsets, or add new features. Re-compiling your code for the next version of the ARM processor is likely to be easier than re-writing your entire application to use a different set of system libraries.

Re:Astounding (0)

Anonymous Coward | more than 5 years ago | (#29201893)

Someone woke up without their sarcasm detector this morning.

Re:Astounding (1)

umghhh (965931) | more than 5 years ago | (#29202303)

that sounds so familiar. We have fault reporting system here. Original was done on mainframe and was working well. Then they webized the interface but it was still working as mainframe did the DB crunching. Then 'suddenly' y2k came and they threw away the mainframe. The webized solution was scrapped off of all non-essential features and was wobbling around for a while until few years later they announced the new shiny version of it with 'new' features (some of them scrapped before). The only difference in these 'new' features comparing to old ones is that they 'improved' them so that now we have to work around them because they malfunction so badly.

Yes indeed this is 'progress'.

Re:Astounding (1)

hesaigo999ca (786966) | more than 5 years ago | (#29204781)

I guess you have yet to learn the golden rule, he who has enough gold to give anyone, can make the rules, with his or YOUR company. I wonder how much kickbacks your manager got by signing up with the NEW company to provide the NEW and IMPROVED POS....seriously, this is why so many bad apps and companies are still capable of doing business, they have greasers, smooth over the guy in charge of buying, and gets them kickbacks, and the company suffers a downward spiral, as the NEW app barely holding at the seams is replacing an older but more stable version of the same thing.

I guess as much as I hate to see old dos screens, this is why I respect a company that holds on to their technology, when they need to...and don't jump just because M$ or someone else says to jump.

Re:Astounding (0)

Anonymous Coward | more than 5 years ago | (#29200661)

Because the cost to get developers with the knowledge of computer from 20 years ago is a teensy weensy bit higher than using a universal OS+language+run-of-the-mill computer. Plus if the whole backend runs Java, why would you want to introduce another language/API?

Sure you can run a register on a calculater, written in assembler in less than 4k. However a supermarket is a business and not a hobbyist programming competition :)

Re:Astounding (2, Insightful)

Anonymous Coward | more than 5 years ago | (#29200897)

I'm not proposing that cash register software should be written in assembly language and run on 16bit processors. I just don't understand why a cash register needs a copy of Solitaire and Internet Explorer, especially when the application doesn't even use anything Windows specific because it runs inside the JavaVM.

Where it the article... (2, Interesting)

sean.peters (568334) | more than 5 years ago | (#29202905)

... does it say they used Windows? At a recent conference on software safety and security, I heard a presentation on this topic that indicated that a lot of these incidents are like the one quoted in the article - a disgruntled employee or ex-employee with knowledge of how the system works, hacks into the wireless control network, and causes damage by incorrectly operating valves or altering sensor readings, causing an inappropriate reaction by the system. The example quoted was a water treatment facility that was part of a resort complex in Australia. Like this example, one of the contractors that installed the wirelessly operated system was disgruntled over not getting a permanent job. So he showed up outside the facility with a wireless equipped laptop, gained access to the system, and caused raw sewage to be discharged into the environment. He did this repeatedly before being caught. But this had nothing whatsoever to do with Windows.

Given that the article provides no examples, I take the line about "computer viruses causing injuries and production losses" with a huge grain of salt. I'd bet the mortgage payment that what really happened is that computer viruses in non-essential, but Windows based systems caused economic damages by deleting or altering financially significant data.

Re:Where it the article... (1)

mysidia (191772) | more than 5 years ago | (#29204095)

The article says:

computer viruses have caused personnel injuries and production losses on North Sea platforms.

In this day and age there aren't many DOS viruses floating around on closed systems.

Re:Where it the article... (2, Insightful)

mysidia (191772) | more than 5 years ago | (#29209659)

Actually, sorry. Inadequate access controls and credential security on the wireless control network and insufficient encryption of data channels is an even worse situation indicating an even greater level of incompetence (or lack of existence) of network security staff.

Wireless control networks are inherently dangerous. When an employee is released, their credentials must be made invalid immediately, and the encryption keys should be changed frequently.

Re:Astounding (1)

Z00L00K (682162) | more than 5 years ago | (#29203263)

Maybe the oil industry should look for alternate network technologies like DECnet or SNA to keep the majority of the hackers out?

Sure - it will cost some more in acquiring the competence, but on the other hand the risk for a penetration from the internet is a bit lower.

Re:Astounding (1)

mysidia (191772) | more than 5 years ago | (#29204245)

Competence is the problem. If they're not competent enough with IP on Ethernet to secure it and design it to prevent internet access, what hope do they have of properly securing their DECnet or SNA infrastructure, and yet still being able to manage it all?

They can make sure internet connectivity is impossible by using IPv6 only, implementing 802.1x with strong L2 switch security options, using an ample number of subnets, not connecting routers to the internet (or using ACLs both upstream and downstream to block aggressively).

And without anything so exotic and questionable as DECnet.

Just now saw the movie HACKERS? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29200259)

Unpossable!

WTF: OpenSource Tag More Important (0, Informative)

Anonymous Coward | more than 5 years ago | (#29200289)

WTF is up with this? SCADA might be an open standard but from what I've seen most of it is definitely not opensource or running on an "opensource" platfrom.

Most rely on the decades-old supervisory control and data acquisition (SCADA) software, written in an era when the "open source" tag was more important than security, said Jeff Vail, a former counterterrorism and intelligence analyst with the U.S. Interior Department.

Re:WTF: OpenSource Tag More Important (3, Insightful)

Informative (1347701) | more than 5 years ago | (#29200557)

Either the reporter doesn't get it, or it's FUD. Wikipedia lists two open source versions: OpenSCADA and FreeSCADA, but mentions that the original versions (presumably "decades-old") were on Unix or VMS and proprietary; hardly open source. (http://en.wikipedia.org/wiki/SCADA)
The "Astounding" post above says "They run Windows-based control software". That *is* astounding, and should be considered criminally negligent.

Re:WTF: OpenSource Tag More Important (1)

Zantac69 (1331461) | more than 5 years ago | (#29200835)

Thus the reason why he is "free lance"...

In all honesty though, this (along with a billion other things) needs to be considered by competent computer admins and not jackasses sitting in the leather chairs.

The "astounding" post might say that... (1)

sean.peters (568334) | more than 5 years ago | (#29202935)

... but the actual article doesn't. I think we're assuming too much here.

I remember how this one goes (2, Funny)

Sockatume (732728) | more than 5 years ago | (#29200331)

So, you hack in, and then it turns out that the Patriots have released nanomachines to control the flow of phonemes as part of the S5 program to eliminate the meal of breakfast in collaboration with the reverse vampires.

Re:I remember how this one goes (1, Funny)

shoptroll (544006) | more than 5 years ago | (#29200381)

I think you need a "DaVinci" virus involved too

Re:I remember how this one goes (0, Troll)

SeeSp0tRun (1270464) | more than 5 years ago | (#29200477)

Does this mean we get to see Jolie's boobs again?

Re:I remember how this one goes (1)

spencerg83 (972647) | more than 5 years ago | (#29202375)

So, you hack in, and then it turns out that the Patriots have released nanomachines to control the flow of phonemes as part of the S5 program to eliminate the meal of breakfast in collaboration with the reverse vampires.

I think you need a "DaVinci" virus involved too

Yes! And only then can you do it for the Lulz.

How long... (2, Insightful)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#29200427)

Before "Therac-25" becomes a verb in general use?

"What happened to Bob?"

"He was Therac-25ed by the drillbot when the control system went down."

Re:How long... (0, Redundant)

quanticle (843097) | more than 5 years ago | (#29203283)

I think its much snappier to say "Therac'd". As in:

What happened to Bob?

He was Therac'd by the drillbot when the control system went down.

Eco-warriors? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29200463)

Please.

sounds like (2, Funny)

gEvil (beta) (945888) | more than 5 years ago | (#29200507)

I smell the makings of a new Michael Bay movie! A group of terrorists from (insert nation/region here) systematically take over all the robotic oil rigs and hold the world's oil supply hostage. And only one man can take them on to save the world!

Re:sounds like (1)

jeffshoaf (611794) | more than 5 years ago | (#29200925)

And only one man can take them on to save the world!

And, unfortunately, he blew himself up while blowing up an asteroid to save the world a few years back...

Re:sounds like (2, Funny)

theIsovist (1348209) | more than 5 years ago | (#29201477)

come on, hackers taking over oil rigs (or tankers for that matter?!) Who would make a movie like that? Oh wait... http://www.imdb.com/title/tt0113243/ [imdb.com]

Re:sounds like (1)

Ozlanthos (1172125) | more than 5 years ago | (#29201735)

We NEED to hack the Gibson!

-Oz

Re:sounds like (1)

spencerg83 (972647) | more than 5 years ago | (#29202423)

The hardest(easiest?) part of the film would be to somehow work in a HP Computer and Ford Auto product placement into the scenes..... Maybe have an oil rig worker "phone" home using an HP computer, but the connection breaks up, meanwhile his wife is with his baby, who is crying?

Re:sounds like (1)

tlhIngan (30335) | more than 5 years ago | (#29202477)

I smell the makings of a new Michael Bay movie! A group of terrorists from (insert nation/region here) systematically take over all the robotic oil rigs and hold the world's oil supply hostage. And only one man can take them on to save the world!

Not quote the same plot, but since Michael Bay did have his fingers in the franchise, you did describe the last scene in the first "episode" of the Transformers [tfwiki.net] cartoon... except it was robotic "terrorists" taking over an oil rig...

Re:sounds like (1)

ThinkWeak (958195) | more than 5 years ago | (#29204471)

That's right up Steven Seagal's alley. Is the world ready for a Michael Bay and Steven Seagal collaboration? Under Siege 3: 3l1t3 4RMY

A movie with the eye-candy of the Transformers series combined with legendary acting skills.

This christmas, Casey Ryback's cooking some botnet stew

Hack The Planet (4, Funny)

ticklemeozmo (595926) | more than 5 years ago | (#29200535)

I hope nobody finds the old Davinci Virus which was written about 25 years ago...

Re:Hack The Planet (2, Funny)

Chris Mattern (191822) | more than 5 years ago | (#29200715)

Don't worry, Dan Brown completely obfuscated the code for that.

Re:Hack The Planet (2, Interesting)

Galestar (1473827) | more than 5 years ago | (#29200951)

I think somebody's going slap happy with the Troll mods. Either that are just never saw Hackers.

Re:Hack The Planet (0)

Anonymous Coward | more than 5 years ago | (#29202071)

How is this a troll? I thought it was funny.

Re:Hack The Planet (1)

rocketPack (1255456) | more than 5 years ago | (#29202345)

I only clicked on this article to see how far down I'd have to scroll to find this exact reference. Well done, sir. Well done.

Re:Hack The Planet (1)

mdougan (862364) | more than 5 years ago | (#29202571)

LOL, I did the exact same thing.

Re:Hack The Planet (0)

Anonymous Coward | more than 5 years ago | (#29204923)

I only clicked on this article to see how far down I'd have to scroll to find this exact reference. Well done, sir. Well done.

Strangely I did the exact same thing.

Re:Hack The Planet (1)

chord.wav (599850) | more than 5 years ago | (#29204863)

What do you mean it was in the garbage folder? The Gibson ran out of disk space and I've emptied the recycle bin 24 years ago!

Captain Planet (1)

castironpigeon (1056188) | more than 5 years ago | (#29200573)

So I'm guessing this is why we don't see that show on the air anymore.

Re:Captain Planet (1)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#29200707)

Captain Planet, he's our hero
Gonna take pollution down to zero.

With extreme prejudice.

SINTEF is no "think tank" (4, Informative)

orzetto (545509) | more than 5 years ago | (#29200639)

SINTEF [sintef.no] is not a think tank, it is a major applied-research institution [wikipedia.org] . It is similar (with due proportions) to the Fraunhofer Institute in Germany.

Re:SINTEF is no "think tank" (1, Interesting)

Anonymous Coward | more than 5 years ago | (#29200907)

And like Fraunhofer they are involved in several fields. One of them is creating some of the software systems at risk.

I think what the SINTEF guy is saying is: "My coworkers in the floor above my office (SINTEF Petroleum Research) doesn't know how to create secure software." If anything goes wrong in the Integrated Operations projects SINTEF is involved in Martin can say "I told you so!"

http://www.sintef.no/Home/Information-and-Communication-Technology-ICT/Software-Engineering-Safety-and-Security/Research-groups/Information-Security/Information-security-in-integrated-operations/

http://www.sintef.no/Home/Information-and-Communication-Technology-ICT/Software-Engineering-Safety-and-Security/Projects/IO-SFI/

Let's have a heated discussion on Slashdot about this internal issue!

Some things should require engineering licenses (1)

davidwr (791652) | more than 5 years ago | (#29200899)

Well, maybe not an engineering license but something with a professional license.

Communications that involve equipment that can kill or do a lot of harm to the planet should be reviewed and stamped by someone who can certify that the systems are safe to use and resistant to attacks by likely attackers and that any failure will be graceful, at least from a "people don't die, oceans to get heavily polluted, and the nation's oil supply isn't choked off for too long" standpoint. Of course, as the definition of "likely attacker" changes these will need to be re-certified.

By the way, not all solutions are technical. If the problem is someone forging credentials claiming to be the boss, calling the boss up on the phone and asking him how his camping trip last weekend went then asking him to confirm the instructions might be the best way to detect a fake. Of course, that's not totally immune from a man-in-the-middle attack but it helps.

Hackers (0)

Anonymous Coward | more than 5 years ago | (#29200911)

I'm sure Crash Override and Acid Burn can put a stop to them.

WEP (1)

mx_mx_mx (1625481) | more than 5 years ago | (#29201005)

And this big question is: How many oil rig platforms use WEP? I bet that all of them do

Re:WEP (1)

Ozlanthos (1172125) | more than 5 years ago | (#29201811)

Just like they are probably all using the same copy of Win98

-Oz

Re:WEP (1)

natehoy (1608657) | more than 5 years ago | (#29203045)

If they are using traditional WiFi, then there's an easy way to protect the oil platform. Surround it with frikkin sharks, frikkin sharks with frikkin laser beams.

SINTEF should not Cry Wolf (4, Informative)

Terje Mathisen (128806) | more than 5 years ago | (#29201037)

Disclaimer: My first job after graduation was with SINTEF, next I worked 24 years for Hydro/StatoilHydro (Norway's largest offshore oil operator), where I (among many other things) specified how the production and admin networks should be separated on each platform.

First of all: Most North Sea platforms use fiber links these days, microwave is only there as a backup in case something cuts the fiber, which means that if you want to use the radio link as your attack point, you must first locate and disable the fiber(s).

Second, the production networks, which is the only part which can directly affect platform infrastructure has significantly better security than the office/admin net.

I.e. you would first have to hack into the regular StatoilHydro network, then find a way to pass through the admin/process firewall before you could even start to try to take over one or more control computers. (And afaik none of these run any form of open source SCADA sw.)

Finally, the 'integrated operations' mentioned in the article consists of special on-shore operations rooms which have strict physical security checks: The computers inside these rooms are indeed part of the production network, they have no direct links at all to the office/admin net and/or the Internet.

Terje

Re:SINTEF should not Cry Wolf (1)

Xiterion (809456) | more than 5 years ago | (#29201673)

(And afaik none of these run any form of open source SCADA sw.)

I didn't know there was any form of open source SCADA. Besides, what does open vs. closed source have to do with hackability of the machines on the control network?

Re:SINTEF should not Cry Wolf (0)

Anonymous Coward | more than 5 years ago | (#29203681)

check out mango
http://mango.serotoninsoftware.com/ [serotoninsoftware.com]

it provides open source supervisory control and data acquisition

Re:SINTEF should not Cry Wolf (0)

Anonymous Coward | more than 5 years ago | (#29201825)

Shhh! Be quiet. If people don't get into a panic about this, oil prices won't skyrocket. If oil prices don't skyrocket, how else will we justify a raise in gasoline prices this Labor Day?

Re:SINTEF should not Cry Wolf (1)

plopez (54068) | more than 5 years ago | (#29203431)

So by "wireless" they mean "microwave" which even if obsolete military encryption methods are used (microwave comms are used for US naval comms) it is in no way like wireless communications used onshore. Microwave is directional as well meaning you would have to get inline with the beam. Correct?

OTHOH, the way Norwegian oil companies operate as opposed to US companies operate offshore makes the US comanpies look like a bunch of boyscouts, from what I've been told. Always cutting corners, bad management, under trained staffing, under staffing, etc. compared to the Europeans.

Re:SINTEF should not Cry Wolf (1)

Teun (17872) | more than 5 years ago | (#29204629)

The Oil companies in the US should not be compared to boyscouts but cowboys.

Please note I did not write US oil companies...

30 - 40 years ago the US oilfield gave the world it's How-To, since some 15 years it's the other way around.

But it must be said that when safety is critical the simplest system is still superior, when the 10 pound sledge hammer doesn't cut it you get a 15 pound hammer.

Re:SINTEF should not Cry Wolf (0)

Anonymous Coward | more than 5 years ago | (#29210993)

I'm not sure what difference you're trying to draw between microwave comms and "wireless comms used onshore". Microwave means (depending who is defining it) ~1 GHz and up (note that this includes WiFi at 2.4 and 5GHz). All microwave comms are basically line-of-sight, with no skywave or groundwave (neither on land nor sea) propagation, and rather limited crest diffraction, so in that sense they're all "directional". Microwave comms for offshore use are exactly the same as those for onshore use, and significantly different from either onshore or offshore HF/VHF comms.

If by directional, you meant that they would use directional antennas, that's generally the case (essentially, antenna directivity becomes increasingly affordable with frequency, and compensates for the greater free-space path loss); probably dish, SBF, or horn antennas. But any antenna has some sensitivity off-axis, so you don't have to be exactly in-line; you can compensate for the aiming loss with a few dB more gain on your transmitting antenna, more power, or just shorter range. If the link is good for 100 miles of inclement weather with proper aiming, you should have no problem drowning it with the same EIRP from a boat a couple miles away in good weather, and even less if you can get close.

Encryption may or may not be an issue, but I don't know why they'd be using military encryption. They're not hobbyists shopping for surplus radios on ebay; I expect they use commercial systems with either no encryption, or off-the-shelf commercial encryption as provided by the manufacturer. Certainly encryption should be used, but you'd be surprised the number of signals transmitted in the clear because the information is non-sensitive to listening, either with no thought to false transmissions, or with the /assumption that "the law" will magically keep bad people from doing illegal things like transmitting on their frequencies.

Re:SINTEF should not Cry Wolf (1)

TooMuchToDo (882796) | more than 5 years ago | (#29204465)

I am surprised and relieved to know that someone was able construct a proper air gap in an environment that demands it. Kudos!

Re:SINTEF should not Cry Wolf (0)

Anonymous Coward | more than 5 years ago | (#29204829)

One thing to consider though is the network is infested with humans and humans are very unsecure.

Re:SINTEF should not Cry Wolf (2, Informative)

ouachiski (835136) | more than 5 years ago | (#29210345)

Almost all of the big oil companies have no Internet connection to mission critical parts of the rig. They have there own rack of equipment at the earth station with a dedicated line back to there offices. This rack of equipment is isolated from all equipment in a locked cabinet. If they want Internet on the oil platform it requires a completely different modem but that is a luxury item on these platforms. I see every day just how strict these companies are on security. Unless you have a key to get into the equipment room and then a key to git into there own locked rack or are at there offices with there massive amounts of security you cant even ping a modem that runs this mission critical data.

ecowarriors (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29201055)

Wait the ecowarriors are the bad guys in this story? that's news to me.

if the ecowarriors caused enough havoc to shut down these oil platforms completely, we'd ALL win because we'll have a livable planet for that much longer.

Windows strikes again !! (1)

MrData (130916) | more than 5 years ago | (#29201183)

What was left out of the article is the obvious, virtually all of these platforms run some variation of MS windows .... tick, tick, tick .....

Tock tock tock: Shoot the mouse that ran up clock (0)

Anonymous Coward | more than 5 years ago | (#29202225)

"What was left out of the article is the obvious, virtually all of these platforms run some variation of MS windows .... tick, tick, tick ....." - by MrData (130916) on Wednesday August 26, @10:13AM (#29201183)

See subject-line, & no more worries... HOW? Easily enough:

----

HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, + make it "fun-to-do", via CIS Tool Guidance (&, beyond):

http://www.tcmagazine.com/forums/index.php?s=348f9a2df4f9c3123de3554c49e7191f&showtopic=2662 [tcmagazine.com]

----

IT WORKS...

How well? Ok, a testimonial, from -> http://www.xtremepccentral.com/forums/showthread.php?s=79253c5b286c472a012ff2ef7e7f2230&t=28430&page=3 [xtremepccentral.com]

----

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, setting services to system service, rather than system local." THRONKA, user @ xtremepccentral.com

----

That's 'how well'... & For going on 2++ yrs. now for Thronka & his paying clients, & for myself? Since 1997-1998 or so, through many machines since those days, to the present today, same results here!

APK

P.S.=> Enjoy - that guide, once you apply its points? It MAY "change your 'pov'" on Windows... Especially because you're such a "Pro-*NIX" type, evidently! apk

What is this guy pushing? (1)

DarkAnt (760333) | more than 5 years ago | (#29201193)

Most rely on the decades-old supervisory control and data acquisition (SCADA) software, written in an era when the "open source" tag was more important than security, said Jeff Vail, a former counterterrorism and intelligence analyst with the U.S. Interior Department.

Have the Superman movies taught us nothing? (1)

JuSTCHiLLiN (605538) | more than 5 years ago | (#29201793)

If a guy that gives the wrong finger [youtube.com] can hack the world's oil supply we're all in trouble.

Well... (1)

jamstar7 (694492) | more than 5 years ago | (#29201849)

Guess it gives a new dimension to the expression "hacking heavy metal"...

Problem I see with totally automated rigs is, there are some situations that will arise that require humans to work around. Teleoperated rigs just won't be able to handle it without some "hands on" work. I've got some friends in the drilling game (water & core sampling here in the Southwest), and they tell me that every hole drilled is different, each presents its own set of problems. Until they build true machine intelligence, people are gonna need to be in the loop.

The real problem is OPC... (2, Informative)

simp (25997) | more than 5 years ago | (#29201861)

These days everybody runs on Windows XP. No problem there; XP machines can be made secure. The real problem is this quote from the report: "We have performed penetration testing on OPC, which is a central component in process control systems on oil installations.". OPC protocol is based on DCOM. And most people want to do DCOM via a network to remote platforms. That is where the problems start. DCOM is horrible. There are solutions: Matrikon makes a good tunneler program for example, other SCADA and DCS vendors also do tunneling of OPC via safer methods than DCOM over a wide area network.

Conclusion: the report has some good points, the summary in the above link is FUD.

Disclaimer: I work with DCS's (also on remote oil platforms) for a living...

Put human workers back (1)

TheDarkMaster (1292526) | more than 5 years ago | (#29201887)

Some things needs to be done only by human workers on site.

I hope the oil companies will at least... (2, Insightful)

Dr_Ken (1163339) | more than 5 years ago | (#29202067)

...pay a few real live human beings to stay on those rigs to provide some degree of security. In the end I trust people way more than tech or code no matter how advanced it is. Automation is fine and more efficient but if things go balls up it's nice to have a guy on site that can pull the plug or push a button and shut it all down before millions of gallons of crude go pouring into the ocean.

Re:I hope the oil companies will at least... (2, Informative)

SleazyRidr (1563649) | more than 5 years ago | (#29204309)

IAASE (I am a safety engineer) (mainly working with offshore oil)

The thing about that is that to have one or to people there you need to have the whole set of things to keep people alive. Think space travel (albeit to a far lesser extent.)

One of the projects I was working on called for unmanned operation but people to go onto the platform for offloading (every two weeks.) That caused a real fun 'discussion' coz if you're going to put someone on there every two weeks, you may as well leave them there full time for all the hassle it's going to cause.

Final point: the principle reason for having unmanned platforms is money, but the savings are mainly in the reduced need for safety systems and the lower risk (lower insurance etc.) Putting people out there is an incredible ricky proposition, so just from a safety standard should be avoided whenever possible.

While it's important to secure these things- (1)

FlyingSquidStudios (1031284) | more than 5 years ago | (#29202085)

I seriously doubt there are many (if any) hackers out there competent enough to hack into and disable an oil platform who would actually do this. Every few months, we hear about how our power grid is vulnerable to hackers or our water supply or all sorts of other things, but hackers have yet to actually attack any of those things. Sure, it's possible one day. Anything is possible. It's just not very likely based on past history.

Re:While it's important to secure these things- (1)

Teun (17872) | more than 5 years ago | (#29204775)

It's not only hackers that are a thread, the more immediate problems arise out of the use of ill-maintained Microsoft systems.

The management of oil companies comes out of the ranks and doesn't understand electronics one bit.

So the moment a Microsoft salesperson comes by with a nice powerpoint simulation of how you can cut down on the workforce they are bought.

Until the cleaner puts his USB drive in one of the many networked computers and the resulting virus outbreak causes total loss of control.

A scenario that is counteracted with colourful laminated signs warning against the use of unauthorised USB drives.

Strange enough it keeps repeating itself.

Obligatory (0)

Anonymous Coward | more than 5 years ago | (#29202475)

Frankly, I welcome our new unmanned, hacked robot platform overlords.

Caution (0)

Anonymous Coward | more than 5 years ago | (#29202717)

It won't be long before they start warning us about Zombie Nazi Raptors Ahead.

TFA seems to have some dubious facts (1)

non-e-moose (994576) | more than 5 years ago | (#29203629)

There are a couple of "iffy" items in the article. First, how can an oil leak detector cause oil leaks (let alone spills)? That like saying having a faulty gas gauge on my car is going to either keep the tank completely empty or completely full all the time. Secondly, a claim is made that "computer viruses have caused personnel injuries". This seems unlikely; without specific examples, it seems more likely to be a case of alarmist authorship or convenient excuse for another root cause.

Re:TFA seems to have some dubious facts (2, Insightful)

TooMuchToDo (882796) | more than 5 years ago | (#29204503)

There are a couple of "iffy" items in the article. First, how can an oil leak detector cause oil leaks (let alone spills)?

If you're an attacked were to determine there was an existing leak, then disable the leak monitor, then command a pump to increase pressure, you could cause damage depending on the pressure rating of the pipes/fittings in question. Other than that, I agree that it would be difficult to cause damage with simply a sensor alone (unless it's a critical sensor in an industrial process).

Re:TFA seems to have some dubious facts (1)

Teun (17872) | more than 5 years ago | (#29204939)

Maybe the oil leak detector (oil-in-water) was disabled by a software problem thus the oil spill was not detected.

When process control in heavy industry is going down very dangerous things can and will and did happen.

Every oil company has already had it's share and yet they (management, not operators) often continue to act like total noobs.

Because the cheaper solution gets you promoted and the clean up is for the next guy.

It's not the big companies, it's their vendors (0)

Anonymous Coward | more than 5 years ago | (#29205399)

Major companies are pretty good on security, but their equipment suppliers are awful. When SCADA vulnerabilities first became more openly known, I brought this up to a SCADA vendor as a polite warning. The response? "Oh, no one knows about our stuff so we're safe because of that."

Happy hunting wolves. The rabbits are clueless. One day someone is going to make a lot of money fixing this.

I also heard that (1)

greycortex (600578) | more than 5 years ago | (#29210257)

Unmanned oil platforms take care of the hooker vulnerability.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?