9.1. SCADA Raiders
It was 2003 and the words on everyone's lips were 'cyber warfare' and 'electronic pearl harbor'.
Well, not quite everyone's lips. Certainly, they were on the lips of lazy journalists and irresponsible security consultancies determined to sell the idea that al-Qaeda was about to launch global Armageddon via the Internet (so how about this nice shiny Jihad-proof firewall?). In any case, it was mostly nonsense. Mostly.
Even the most skeptical within the security and intelligence communities were willing to concede that some systems were potentially vulnerable to 'cyber attack' although these had nothing to do with the Internet. What started to concern a lot of people around this time wasn't the computer systems that were responsible for delivering your email or getting you onto the Web. If these get knocked out, it's a pain but not the end of the world; a recent spate of vicious Internet worms had shown this. The concerns revolved around the computers whose task it was to monitor and regulate certain somewhat more vital functions, systems that are considered mission critical: life support, electrical grids, power stations, water treatment facilities, and weapon systems. Such technologies are collectively (and generically) referred to as supervisory control and data acquisition (SCADA) systems.
Such systems are not connected to the Internet or any public network, although it's not uncommon for there to be some form of monitoring available via telephone modem links. ...
Get Unauthorised Access: Physical Penetration Testing For IT Security Teams now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.