I'm not a pipeline expert, but I've been doing computers since the early 90s. You have a pipe. It has pumps and valves. You have a computer that controls it all. The computer gets hacked. UNPLUG THE DAM COMPUTER... and plug in another one. Then restart the pumps. If they are too incompetent to figure out a workaround then get the hell out of the way and let someone else try.
If there is one thing I've learned with computers it's that the guy at the console is god. There is no such thing as taking over from a remote location. Anyone that tells you differently has been watching too many movies. Send real actual human beings out to the pumps, unplug the dam computer and just turn the pump on manually. Yeah, a person might have to watch the pressure and flow rates etc. rather than the computer. So the hell what. Get the dam gas flowing again, morons.
It's not just the pumps. If that was the issue, then turning them on manually isn't a big problem.
You have the metering, flow indications, pressure readings, leak detection systems, filter differential pressure readings, emergency shutdown valves and relief system indicators, etc. Also, most pipeline pumps are set up with variable frequency drives.
It's not as easy as simply turning on a pump. Imagine turning on a car... having all the power you need, but not having a gas gauge, no speedometer, basically no way of monitoring the vehicle. You CAN drive like that on a country road... but not on a major highway through a large city. Now imagine having incredible liability in case anything went wrong. That's what the equivalent would be in pipeline terms.
And they can't switch out the computers? They have NO backup systems at all?
If that's the case it's just poor planning, and utter incompetence. There is no way you will convince me that if someone with half a brain was turned loose in fucking Microcenter they couldn't completely replace/bypass whatever computer these hackers have access to.
If that is a complete impossibility then the entire system is designed poorly and everyone involved should give back their paychecks to pay the ransom.
GET IN HERE GUYS!!! ... THE NERDS ARE ARGUING!!!
KEK!!! I LOVE OUR COMMUNITY. LOTSA SMART MFs AROUND THESE PARTS.
Best comment in this thread
Depending on the retention period of their backups... ransomware now infects systems and sits dormant 6 months before going live sometimes, and unless you restore back far enough, backups won't work.
I haven't looked up the flavor of ransomware used to know if it is the above type or not.
Forgive me but I'm a unix admin. Ransomware and viruses don't really work on FreeBSD. I stopped using winblows like 10 years ago. If these idiots running this pipeline are too stupid to build their control systems on a real OS then we know the problem don't we.
This is categorically false, and really sheds light on what you know vs what you think you know. There are certainly fewer exploits to take advantage of in *nix systems, but you don't need an exploit, whether hardware, software, or operator, to wreak havoc on a system or network of systems.
True, but I sadly have seen a lot of Gov't stuff run off windows boxes and servers, although it typically is local municipalities and not anything as large as a pipeline company. I am curious what systems they use.
Then you should know that corporate America doesn't run on BSD or *nix. And it's not even a technically operable alternative 90% of the time.
As an adversary (pentester), I give zero fucks about your workstation OS. I want your credentials. And yes, I am absolutely targeting you, because the people with keys to the kingdom run *nix. And I always bet they're arrogant enough to not have a top-tier endpoint security tool, which gives me more options to pre-place my malicious garbage I'll pivot off of.
Now give me one admin or DevOps monkey with sa or dba privileges through an API and it doesn't really matter that the critical data is on a *nix server, it's hosed anyway.
Have I got news for you.
You're asking the right questions. No back up plan, no off-site disaster recovery facility, no backups of data? What's really going on here. I've seen pizza shops with a better disaster recovery plan.
Exactly. They might as well be telling us the Death Star was remotely hijacked by a hacker and that's why it blew up Alderaan. It makes no dam sense... until you realize they would love nothing more than to punish the southern states for daring to remove WuFlu restrictions, and for just being red states in general.
There is still fuel in those lines. If all of those things need a computer to monitor them then it's too dangerous NOT to do what the guy above said to do.
As far as leaks, we already use K9s to walk pipelines and pump stations. In truth there are zero reasons they can't turn it back on.
I take that back, there is one reason. Their CCP masters won't let them.
90% of those safety protocols etc. is because they run the pipes at high pressure to push the gas through faster etc. So why can't they run it at half capacity with a nice slow steady rate of flow? If the pump is set to 60% you aren't going to pop a seal etc. Yeah, I admit I'm no expert but I find it hard to believe they can't get something going to solve the problem. The only explanation is the bureaucrats don't want the fuel flowing. It's not like someone blew up the physical pipe and it will take weeks to patch it.
Are you assuming an entire pipeline is controlled by one computer? Are you sure you're the expert on this?
You're making my point for me. It probably takes two dozen computer clusters to control something that large. So the bad guys got control of what, one maybe two systems. UNPLUG the fucking network cable (or the power), replace/repair that system, and restart it all. Sure you need to check everything out. That takes what, a day? Maybe two?
I'll say it again. The idea that some dude in his basement has the power to remotely control something so large as a pipeline is pure movie FICTION. It can't happen. If it REALLY is happening then that is the single most poorly designed security/computer control setup in the history of computers. AND it's being run by the biggest bunch of idiots ever to sit at the console of a server.
Now let's talk about the REAL reason the pipeline is down. A bunch of bureaucrats and/or politicians are worried about profit margins or they are just using this as an excuse to keep it shut down, or they are punishing the southern states because they lifted WuFlu restrictions, or they are idiots who are frozen in inaction... on and on... the list is so long I can't type out all the possible reasons.
There is no way you will ever convince me that a dozen smart technical guys like me can't fix this in a day or two. That's not how this shit works. It's always the fucking bosses. There is something else going on here that has jack shit to do with hackers.
You’re either an engineer or controls contractor aren’t you? Lol