Posts by drewf74

5 posts • joined 12 Nov 2014

Windows XP spotted on Royal Navy's spanking new aircraft carrier


Not everywhere can run the latest and greatest OS

From the hundred or so comments on here, it seems to me that most have been made by people who are familiar with the typical IT world, and not so familiar with the OT world.

The ship will indeed have XP and even Windows 2000 systems on it. Most of them will be running SCADA applications to control the a/c and the like. I know it's surprising, but many nuclear power plants have the same deal, as do major transport systems, or conventional power plants, or water treatment plants, or pharmaceutical plants or.... You get the picture.

Is it a problem? Yup. But, there are reasons for using those 'legacy' systems, mostly to do with being proven to work and having been validated. Upgrading to a newer or alternative OS and patching them (oh yes, the ship systems will most certainly not be getting patched like most offices, even those running current OS installations) just isn't easy - please bear in mind not every machine runs browsers and fancy text editors all day, and the outcome when the kit doesn't work is more "problematic".

Why are only moneymen doing cyber resilience testing?


Accidental connections

Unfortunately there are many instances of facilities which are run by people who don't believe they are connected to the internet, but since other people have been careless, or have added unauthorised bits of kit, they just happen to gain this connectivity.

Another slight problem - critical pieces of equipment which are being leased on a photocopier-style business plan, and the owners remotely VPN/dial-in (sometimes really dial-in on a modem) for maintenance and to read the meter. When there's the potential for plant-wide connectivity from that kit, securing that access point can be tricky. The bean-counters are not generally the same people as are responsible for security. Money saved at one end could cost the entire corporation at the other.

Many of the industrial plants are believed to be secure since they are air-gapped. Worked a treat with Stuxnet though, didn't it? Since so many places are still running on XP (and will continue to do so for years, since it's not as easy as you might imagine to simply replace/upgrade equipment), getting a piece of malware to take root is not too hard. Patches? Not usually. A/V? Not usually... Will the engineer download something at home onto a laptop and take it inside the control network? Yep...

Big industry players are certainly aware of the issues, and plenty have programs to deal with it. Could be many years before most of those programs are really effective though.

Mr Cameron goes to Washington for PESKY HACKERS chinwag with Pres Obama


Doesn't matter WHAT they say

...it only matters that they are talking about it and publicising the need for action. Personally, I don't care very much about Sony being embarrassed; I do care a great deal about our Critical Infrastructure remaining in place, the lights on, the water flowing etc. It's not an IT issue - there are more 'real' things to be concerned about.

Attackers planting banking Trojans in industrial systems


Re: It doesn't look good

Lucky you. Not many places have the luxury of a ground-up secure design. Most are as leaky as a leaky thing with holes in it; most of the kit was installed before anyone really thought about security. It's going to take a long time to sort, starting from the current position.

'We' had people who believed the systems were totally secure. Armed with nothing more than an Android phone and a free app, I accessed a system and showed I could change a speed parameter. Nothing fancy, didn't even enter the physically secure plant room. Highly successful demo - jaws are still on the floor.

