April 16, 2021
6 minutes ago, we_gotta_believe said: Ironically, passwords being taped to the equipment isn't really much of a security risk in these cases. At least not when compared to how easily the operators can get phished because they aren't trained to spot suspicious emails, or how dumb they can be when it comes to finding random USB drives on the ground in the parking lot with the words TOP SECRET on it.

I've been to a bunch of plants doing work and I could have stolen tons of passwords. As could any vendor servicing equipment and in some cases, the guys filling up the vending machines.
April 16, 2021
1 hour ago, Toastrel said: This is very, very common. Generally speaking, a lot of these companies do not understand IT, firewalls, DMZs - the plant gets slowly computerized with more and more machines being connected. Eventually, some guy in section 12 needs Internet access and the entire network gets connected. The OS are all old, the firewalls are off, because you need somebody who understands ports used by software. The passwords are all simple for the guys running the machines, and standardized for shift work, and half the time are taped onto the equipment.

Even worse I've seen small 3rd party development firms try to come in with their product and say they need firewalls turned off because they don't know enough about their own products to know which individual ports might need to be opened. Or even if they do, there's nobody on the ground who knows how to do more than turn the firewall on/off, so they just leave it off. These are firms that SHOULD know better, and they're compromising their client's networks. Ridiculous.
April 16, 2021
3 minutes ago, Toastrel said: I've been to a bunch of plants doing work and I could have stolen tons of passwords. As could any vendor servicing equipment and in some cases, the guys filling up the vending machines.

I hear ya, but the predominant threat in hacks like these almost always is from foreign agents which don't typically have physical access to the buildings. I'm not saying it's a prudent action by any means, but if I'm running a company like this, I'd train employees to spot phishing attempts, and restrict USB access well before I'd tell them to stop taping passwords to equipment.
April 16, 2021
6 minutes ago, we_gotta_believe said: I hear ya, but the predominant threat in hacks like these almost always is from foreign agents which don't typically have physical access to the buildings. I'm not saying it's a prudent action by any means, but if I'm running a company like this, I'd train employees to spot phishing attempts, and restrict USB access well before I'd tell them to stop taping passwords to equipment.

Just making the point that not only is there no IT security policy, they have no clue what it means.
April 16, 2021
3 minutes ago, Toastrel said: Just making the point that not only is there no IT security policy, they have no clue what it means.

Agreed 100%. We are as vulnerable as we are because employees are stupid, and execs simply don't take it as seriously as they should. They think money should be spent elsewhere right up until they're paying out millions in a ransomware attack.
April 16, 2021
20 minutes ago, we_gotta_believe said: Agreed 100%. We are as vulnerable as we are because employees are stupid, and execs simply don't take it as seriously as they should. They think money should be spent elsewhere right up until they're paying out millions in a ransomware attack.

Over half the plants I have visited still run Windows XP and Server 2003, local firewalls off.
April 16, 2021
3 minutes ago, Toastrel said: Over half the plants I have visited still run Windows XP and Server 2003, local firewalls off.

hey, it's only been 6 years since 2003 end of life'd. give them time.
April 16, 2021
2 minutes ago, JohnSnowsHair said: hey, it's only been 6 years since 2003 end of life'd. give them time.

I just had a client have me use a version of Ghost so old, it copies the files into 2GB chunks, imaging a Windows 2000 server (running remote desktop) so he could try to load the image on a fifteen year old recycled server.
May 10, 2021 Author
Major oil/fuel pipeline was shut down after being the target of a ransomware attack.

On 5/8/2021 at 10:55 AM, Talkingbirds said: Cyberattack on pipeline. https://www.bloomberg.com/news/articles/2021-05-08/u-s-s-biggest-gasoline-and-pipeline-halted-after-cyberattack

Reportedly a group called DarkSide orchestrated the attack. They simply want to extort money.
May 10, 2021
1 hour ago, toolg said: Major oil/fuel pipeline was shut down after being the target of a ransomware attack. Reportedly a group called DarkSide orchestrated the attack. They simply want to extort money.

Now imagine other attackers who want to F up the USA
May 10, 2021 Author
36 minutes ago, Toastrel said: Now imagine other attackers who want to F up the USA

Yes. We were lucky this time. Imagine what happens next time when somebody wants to mess up infrastructure.
May 11, 2021
Hearing that gas stations are selling out quick in VA after the south east ran out. Filled up my cars. I suggest you all either do it now or wake up early and do it tomorrow if you are in the area.
May 11, 2021 Author
I think it will all work itself out in a few days to a week... Fill up now if you can. Or go north to New England or west to Midwest where they aren’t affected by the pipeline.
May 11, 2021
How do you get trumpbots to stop pinning the rising cost of gas on Biden? you stage a cyber attack on the pipelines and blame some Russian hackers. this shouldn’t shock anyone who’s paying attention.
May 11, 2021
Colonial Pipeline hackers apologize, promise to ransom less controversial targets in future https://www.theverge.com/2021/5/10/22428996/colonial-pipeline-ransomware-attack-apology-investigation

They said they were sorry.
May 11, 2021
8 minutes ago, Toastrel said: Colonial Pipeline hackers apologize, promise to ransom less controversial targets in future https://www.theverge.com/2021/5/10/22428996/colonial-pipeline-ransomware-attack-apology-investigation They said they were sorry.
May 11, 2021
Time to pass an infrastructure plan that includes funds for an upgrade of Cyber Security and systems to improve the grid etc. This should never be allowed to happen. Now our Nuclear Facilities could be a target.
May 11, 2021
36 minutes ago, Toastrel said: Colonial Pipeline hackers apologize, promise to ransom less controversial targets in future https://www.theverge.com/2021/5/10/22428996/colonial-pipeline-ransomware-attack-apology-investigation They said they were sorry.

Oh, well I feel so much better now.
May 11, 2021
On 4/16/2021 at 8:36 AM, we_gotta_believe said: Ironically, passwords being taped to the equipment isn't really much of a security risk in these cases. At least not when compared to how easily the operators can get phished because they aren't trained to spot suspicious emails, or how dumb they can be when it comes to finding random USB drives on the ground in the parking lot with the words TOP SECRET on it.

These kinds of plants, should only have closed systems that are related to the production, operation and Maintenance of the facility. It should not be connected to an outside network. I assume that's one way to defeat hackers. Not checking your e-mail and opening an attachment on a computer that runs the nuclear rods and maintains the water levels.
May 11, 2021
On 2/11/2021 at 8:12 PM, mayanh8 said: Florida.

That IT Guy and his Company should be fired immediately. A 5th grader could do better than that.
May 11, 2021
23 minutes ago, jsdarkstar said: These kinds of plants, should only have closed systems that are related to the production, operation and Maintenance of the facility. It should not be connected to an outside network. I assume that's one way to defeat hackers. Not checking your e-mail and opening an attachment on a computer that runs the nuclear rods and maintains the water levels.

Very few common utility systems like the one in question are truly air-gapped.