1. IT-Security >
  2. Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages


IT Security vom | Direktlink: science.slashdot.org Nachrichten Bewertung

mdsolar quotes a report from Ars Technica: A surprisingly large number of critical infrastructure participants -- including chemical manufacturers, nuclear and electric plants, defense contractors, building operators and chip makers -- rely on unsecured wireless pagers to automate their industrial control systems. According to a new report, this practice opens them to malicious hacks and espionage. Earlier this year, researchers from security firm Trend Micro collected more than 54 million pages over a four-month span using low-cost hardware. In some cases, the messages alerted recipients to unsafe conditions affecting mission-critical infrastructure as they were detected. A heating, venting, and air-conditioning system, for instance, used an e-mail-to-pager gateway to alert a hospital to a potentially dangerous level of sewage water. Meanwhile, a supervisory and control data acquisition system belonging to one of the world's biggest chemical companies sent a page containing a complete "stack dump" of one of its devices. Other unencrypted alerts sent by or to "several nuclear plants scattered among different states" included: -Reduced pumping flow rate -Water leak, steam leak, radiant coolant service leak, electrohydraulic control oil leak -Fire accidents in an unrestricted area and in an administration building -Loss of redundancy -People requiring off-site medical attention -A control rod losing its position indication due to a data fault -Nuclear contamination without personal damage Trend Micro researchers wrote in their report titled "Leaking Beeps: Unencrypted Pager Messages in Industrial Environments": "We were surprised to see unencrypted pages coming from industrial sectors like nuclear power plants, substations, power generation plants, chemical plants, defense contractors, semiconductor and commercial manufacturers, and HVAC. These unencrypted pager messages are a valuable source of passive intelligence, the gathering of information that is unintentionally leaked by networked or connected organizations. Taken together, threat actors can do heavy reconnaissance on targets by making sense of the acquired information through paging messages. Though we are not well-versed with the terms and information used in some of the sectors in our research, we were able to determine what the pages mean, including how attackers would make use of them in an elaborate targeted attack or how industry competitors would take advantage of such information. The power generation sector is overseen by regulating bodies like the North American Electric Reliability Corporation (NERC). The NERC can impose significant fines on companies that violate critical infrastructure protection requirements, such as ensuring that communications are encrypted. Other similar regulations also exist for the chemical manufacturing sector."

Read more of this story at Slashdot.

...

Externe Webseite mit kompletten Inhalt öffnen



https://science.slashdot.org/story/16/10/26/0523212/nuclear-plants-leak-critical-alerts-in-unencrypted-pager-messages?utm_source=rss1.0mainlinkanon&utm_medium=feed

Team Security Social Media

Kommentiere zu Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages






➤ Weitere Beiträge von Team Security | IT Sicherheit

  • Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages

    vom 548 Punkte ic_school_black_18dp
    mdsolar quotes a report from Ars Technica: A surprisingly large number of critical infrastructure participants -- including chemical manufacturers, nuclear and electric plants, defense contractors, building operators and chip makers -- rely on unsecured
  • Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages

    vom 548 Punkte ic_school_black_18dp
    mdsolar quotes a report from Ars Technica: A surprisingly large number of critical infrastructure participants -- including chemical manufacturers, nuclear and electric plants, defense contractors, building operators and chip makers -- rely on unsecured
  • TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

    vom 204.79 Punkte ic_school_black_18dp
    Original release date: April 16, 2018Systems Affected Generic Routing Encapsulation (GRE) Enabled DevicesCisco Smart Install (SMI) Enabled DevicesSimple Network Management Protocol (SNMP) Enabled Network DevicesOverview This joint Technical Alert (TA) is the result of analy
  • Nuclear Experts Form International 'Nuclear Crisis Group'

    vom 194.3 Punkte ic_school_black_18dp
    Slashdot reader Dan Drollette shares an article by the executive director and publisher of the Bulletin of the Atomic Scientists:On Friday, an elite group of the world's nuclear experts and advisers launched a Nuclear Crisis Group, to help manage the
  • NASA Wants To Send Nuclear Rockets To the Moon and Mars

    vom 194.3 Punkte ic_school_black_18dp
    NASA engineers want to create a rocket engine powered by nuclear fusion. "A nuclear rocket engine would be twice as efficient as the chemical engines powering rockets today," reports Wired. "But despite their conceptual simplicity, small-scale fission
  • Will Future Nuclear Power Plants Float?

    vom 184.64 Punkte ic_school_black_18dp
    Russia isn't the first country to launch a floating nuclear power plant. 50 years ago America's army built a floating nuclear power plant to supply energy to the Panama Canal Zone. Even though it's now being dismantled in Texas -- a four-year job -- China
  • 'I Oversaw America's Nuclear Power Industry. Now I Think It Should Be Banned.'

    vom 180.2 Punkte ic_school_black_18dp
    Friday the Washington Post published an essay by Gregory Jaczko, who served on America's Nuclear Regulatory Commission from 2005 to 2009 and was its chairman from 2009 to 2012. He says he'd believed nuclear power was worth the reduction they produced
  • 'I Oversaw America's Nuclear Power Industry. Now I Think It Should Be Banned.'

    vom 180.2 Punkte ic_school_black_18dp
    Friday the Washington Post published an essay by Gregory Jaczko, who served on America's Nuclear Regulatory Commission from 2005 to 2009 and was its chairman from 2009 to 2012. He says he'd believed nuclear power was worth the reduction they produced
  • Notifying your users with FCM

    vom 178.13 Punkte ic_school_black_18dp
    Posted by Jingyu Shi, Developer Advocate, Partner Devrel This is the second in a series of blog posts in which outline strategies and guidance in Android with regard to power. Notifications are a powerful channel you can use to keep your app's us
  • Lessons From the Cyberattack On India's Largest Nuclear Power Plant

    vom 177.53 Punkte ic_school_black_18dp
    Dan Drollette shares an article by two staffers at the Center for Global Security Research at Lawrence Livermore National Laboratory from The Bulletin of Atomic Scientists. "Indian officials acknowledged on October 30th that a cyberattack occurred at
  • 'The Next Nuclear Plants Will Be Small, Svelte, and Safer'

    vom 174.03 Punkte ic_school_black_18dp
    "A new generation of reactors will start producing power in the next few years," writes Wired, addingi that "They're comparatively tiny -- and may be key to hitting our climate goals." For the last 20 years, the future of nuclear power has stood in a
  • Continuous Shared Element Transitions: RecyclerView to ViewPager

    vom 158.6 Punkte ic_school_black_18dp
    By Shalom Gibly, Software Engineer, Google's Material Gallery Team Transitions in Material Design apps provide visual continuity. As the user navigates the app, views in the app change state. Motion and transformation reinforce the idea that interf