You are on page 1of 2

"Zombies ahead!" sign says something about SCADA security | Zero Day | ZDNet.

com

Page 1 of 2

Zero Day
Ryan Naraine and Dancho Danchev
January 29th, 2009

"Zombies ahead!" sign says something


about SCADA security
Posted by Adam O'Donnell @ 8:30 pm
An electronic road sign hacked to alert drivers to hoards of the undead provides a nice
pedagogical example of why SCADA security is such a big deal.
Earlier this week a road sign was hacked to warn drivers about zombies disturbing their
evening commute. The hack itself was trivial: an intrepid individual discovered that
electronic road signs shared a common default password. The default password would have
been discovered and publicized years ago if the systems were connected to the internet, but
they were left alone for years as very few people had the gumption to walk up to one of the
signs and attempt what is essentially a dictionary attack against the authentication
mechanism. Without the forcing function that is sustained attack, engineers have no reason
to improve the security of their systems.
It seems that everyone laughed off the hack as a simple gag, but you are left to wonder what
security problems that already exist in systems that are semi-attached to the grid.
There are a large class of systems that are semi-attached to the grid which do have similar
security problems. Known as SCADA (Supervisory Control And Data Acquisition) Systems,
these computers are responsible for controlling physical plant like nuclear reactors and oil
refineries. Many of these systems were deployed years ago, well before the information
security industry fully understood code quality problems and how they can be exploited by
attackers. That is all well and good as long as you can guarantee an air-gap between the
control network and anything a human being can touch.
Maintaining a guarantee that none of the systems will touch a publicly accessible network is
pretty challenging for ten to twenty years as you bring on new staff that may not know why
the air gap was originally put into place. Eventually someone hooks up the SCADA system
network to a PC that provides a nice Windows XP-based visualization interface, and they also
hook it up to the internet so they can get pages at home when something goes wrong.
The Feds have known about this issue for some time, and have invested heavily in improving

http://blogs.zdnet.com/security/?p=2452

4/9/2009

"Zombies ahead!" sign says something about SCADA security | Zero Day | ZDNet.com

Page 2 of 2

SCADA system security. Hopefully they complete the job before some hacker discovers the
system, and well its Zombies ahead! time.

Adam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer


security since 2000. He currently is the Director of Emerging Technologies at
Cloudmark, a messaging security company located in San Francisco. See his full
profile and disclosure of his industry affiliations.
Email Adam O'Donnell
Subscribe to Zero Day via or RSS.
Popular on CBS sites: March Madness | iPhone 3G | Fantasy Baseball | Antivirus Software |
Recipes | Spore | Katy Perry
About CBS Interactive | Jobs | Advertise
2009 CBS Interactive Inc. All rights reserved. | Privacy Policy | Terms of Use

http://blogs.zdnet.com/security/?p=2452

4/9/2009