Continue to Site

Eng-Tips is the largest engineering community on the Internet

Intelligent Work Forums for Engineering Professionals

  • Congratulations KootK on being selected by the Eng-Tips community for having the most helpful posts in the forums last week. Way to Go!

Petrolem Pipeline Hack 7

Status
Not open for further replies.

hacksaw

Mechanical
Dec 7, 2002
2,565

How can a modern system, like this be hacked? Do they need to go back to pneumatic controls?
 
Replies continue below

Recommended for you

The dropdown goes up, then you need to slider up and down to get the "state or federal waters category, then do the same thing for the county. They (the programmers) could have done a better job with the user interface.

Screenshot_from_2021-05-18_18-52-28_rcykys.png
 
I hate the limited zoom detail that the public viewer has. They say it is to prevent terrorists from discovering exact location of critical facilities, however if you open Google Earth and zoom in, you can see every detail in most cases. Then if you go to Street View, you can almost pick the locks on the gates. That reason for limited zoom is simply total b.s.

It seems like the only thing you need to know to some real damage is an IP address or two.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.
 
The ransomware didn't affect the SCADA. It crippled the IT business processes of Colonial Pipeline's system. This was no Stuxnet, but just a simple off-the-self ransomware attack, that happened to smash an integral part of Colonial Pipeline's operations. Dragos put out this commentary about it Trying to secure critical infrastructure is a wicked problem, and neither the IT cyber guys nor we engineers are good at it.

Steve Griffing
PE(CSE), CISSP-ISSEP, PMP, PSP, CEH
ICS Security Engineering
Griffing Technology LLC
 
Thanks for the clarification Steve.

Bill
--------------------
Ohm's law
Not just a good idea;
It's the LAW!
 
I imagine that they lost track of all their scheduled receipts and deliveries, to/from whom and to where and when for at least a 30 days lookahead.

Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.
 
DHS directive for pipeline security.

"The company halted operations because its billing system was compromised, three people briefed on the matter told CNN, and they were concerned they wouldn't be able to figure out how much to bill customers for fuel they received. One person familiar with the response said the billing system is central to the unfettered operation of the pipeline. That is part of the reason getting it back up and running has taken time, this person said."


Statements above are the result of works performed solely by my AI providers.
I take no responsibility for any damages or injuries of any kind that may result.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor