[CLUE-Talk] Windows virus affect nuclear plants!!

black at galaxy.silvren.com black at galaxy.silvren.com
Thu Aug 28 09:37:49 MDT 2003 

Yeah, the "but we have a firewall" response was echoed by a lot of
companies. Then someone took their laptop home, dialed in for some pr0n
and weather channel surfing, got infected, and... took their laptops to
work to promptly plug them into the network at 8am.

Happened here, and the next thing you know it's an infection bonanza on
5000 PC's.

So then the LAN techs decide to roll out a patch to the PC's 2 weeks after
the patch is announced and the worms are already rampant. Meanwhile, the
core routers puke and die under the 50,000 packet per second load all the
worm traffic is generating.

Then 3 days later it's discovered that the patch they've been rolling out
at login to clean the worm and patch the PC isn't taking on any of the
PC's because the patch requires at least service pack 2, and the PC's are
all stuck at an ancient service pack 1.

Now, everyone stand up and raise your hand if you are shocked to hear once
again that nobody bothers patching until a crisis is at hand. :)

And just to splash it all with a dose of humility, patch procrastination
is not just a Windows User Phenomenon. Linux/UNIX folks are just as lax.

Anyone read HitchHiker's Guide to the Universe? Seems like the LAN guys
rely on the firewall guys to keep everything harmonius, while the firewall
guys rely on the LAN guys to keep the PC's clean, and suddenly everything
is surrounded by a "Somebody Elses Problem" (SEP) field and nobody sees
what's actually there.

Pretty scary stuff. Dollars to donuts that the private network got
penetrated by someone plugging in a laptop.

On Thu, 28 Aug 2003, Kevin Cullis wrote:

> This is disturbing:
>
> The Slammer worm penetrated a private computer network at Ohio's
> Davis-Besse nuclear power plant in January and disabled a safety
> monitoring system for nearly five hours, despite a belief by plant
> personnel that the network was protected by a firewall, SecurityFocus
> has learned.
>
> http://www.securityfocus.com/news/6767
>
> Not that I'm against nuclear power, but using Windows in a nuclear power
> plant.
>
> Kevin
>
> _______________________________________________
> CLUE-Talk mailing list
> Post messages to: CLUE-Talk at clue.denver.co.us
> Unsubscribe or manage your options: http://clue.denver.co.us/mailman/listinfo/clue-talk
>

More information about the clue-talk mailing list