Washington, DC, Earth. April 1, 2014 — A critical vulnerability in the BNL Waste Allocator Load Lifter (Earth Class) industrial operating system, allowing remote privilege escalation and code execution through the injection of wOS control packets, has resulted in the compromise of waste removal automation on a global scale.
Of the millions of E class machines deployed globally that were compromised, one unit survived corruption. On this sole device, operators had actually applied a critical patch to the unit, allowing it to remain functional (if somewhat overwhelmed). The patch was released by BNL in June of 2007, after the original disclosure of the vulnerability by ICS-CERT, but sadly it was not widely deployed.
“We told you that using unauthenticated and un-encrypted application layer protocols was a bad idea,” said … well, just about everyone for the past few years. “But BNL apparently wasn’t listening. Now we’ve only got one Wall•E left, and it can’t keep up with the world’s waste removal demands. We’re up a certain creek without a paddle, and the embarrassing thing is that we made the creek.”
Forensic analysis of compromised lifter units and tracing of the Command and Control path was unable to determine the source of the compromise, although general consensus is that it was either Iran, North Korea, or China. Or Russia. Or possibly North America. We don’t really know. In the wake of the resulting global disaster, which forced the evacuation of all nations of the Earth this weekend, it seems that it doesn’t really matter who started it because the Earth is now a useless pile of garbage.
The attack is still a concern as it highlights common weaknesses in Industrial Control Systems by many vendors. Luckily, the escape cruiser Axiom, which currently utilizes an unpatched version of a commercial industrial engineering software package (running on state of the art Windows Vista on circa-90’s Pentium M class computing platforms, to save costs), is “Generally considered safe from attack.” According to AUTO, the Axiom’s Automated piloting AI system. “The ship is protected by a Space Gap,” AUTO said, in a confident monotone, “Which is even more secure than an Air Gap, because it’s in space.”
The remaining Wall•E unit was busy watching “Hello Dolly” and was not available for comment.
Tweet
Eric D. Knapp (@ericdknapp) is a recognized expert in industrial control systems cyber security, and continues to drive the adoption of new security technology in order to promote safer and more reliable automation infrastructures. Eric is currently the Director of Cyber Security Solutions and Technology for Honeywell, and is the Chief Technical Advisor, North America for the Industrial Cybersecurity Center. He is also the author of “Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA and Other Industrial Control Systems.” His new book, “Applied Cyber Security for Smart Grids” was co-authored with Raj Samani, McAfee CTO EMEA. The opinions expressed here represent Eric’s own and are not those of his employer. Previous Columns by Eric Knapp:Critical Vulnerability Discovered in Waste Automation, Results in Global Ecological DisasterShall We Play a Game?Tech Debate: Is The Cloud Critical Infrastructure?ISA Automation Week Conference Wrap UpISA Automation Week Day One Wrap Up: Building an ROI for Industrial Cyber Security
sponsored links
Tags: NEWS INDUSTRY
Vulnerabilities
