This morning I found this piece on the Vancouver Sun that tackles the perceived threat to SCADA systems that would be posed as a result of a proposed city-wide wireless network. Um, mkay. The city of Vancouver (great town) is looking for a partner to help roll out this undertaking prior to the 2010 Winter Olympic Games.
The network would be accessible to anyone with a laptop computer and wireless Internet WiFi card. The plan calls for much of the city’s infrastructure, from traffic signals and TransLink systems to BC Hydro generators and Terasen gas meters, to use the wireless platform for communications and remote operations.
TransLink has already experimented with wireless traffic signal operation to speed bus service.
It’s absurd to think that security measures have not already been taken. There are great security providers out there like AirTight and Aruba Networks that could (and most likely already have) to help secure such a network. If the damn things (SCADA/bus/traffic lights) are accessible on an IP based wireless network more than likely they could be swinging in the breeze to anyone on the internet already.
Security specialists have “real concerns about the kind of havoc that could be wreaked through hacking into a municipal or industrial SCADA (Supervisory Control and Data Acquisition) system and causing floods, extended wide area electric outages and the like,” according to B.C.-based network security specialist O.J. Jonasson. However, SCADA systems typically use directional antennae and have challenging security systems, he said.
This is clouding the problem. Wireless networks are not the problem. The problem that is described here is dealing with securing SCADA systems. This has long been a problem in North America as most SCADA vendors are only now waking up to SCADA security. The wireless connections that may be used in some SCADA networks are typically not your garden variety 802.11 implementations. Then again, I have been known to be wrong.
Examples of wireless hacking abound. But, with respects to the Turin example, this was an insider.
Now, is wireless secure? Gawd no. Neither are ethernet based networks if they aren’t implemented correctly. But, to imply that because Vancouver wants to roll out a wireless network that SCADA and other infrastructure will be vulnerable is a little silly.
If the city were to choose a completely open architecture for wireless, “the bad guys would find their way in,” said city network security manager Dave Tyson. But he said it is too early to assess the threat. “You really have to wait and see what architecture is chosen.”
Well said. Rather than carry on about SCADA attacks via wireless networks…let’s see the architecture first. Dave Tyson is right. I have faith that they will do it right. The reporter goes on to list several attacks that have been launched on SCADA systems over the years. No shit Sherlock. If a device is attached to the internet it will come under fire. That’s the nature of the beast.
Give the Vancouver folks a chance to do the right thing before casting aspersions.
[tags]Vancouver, 2010 Winter Games, Wireless Security, SCADA Security[/tags]
