October 17th, 2011
10:28 AM ET

Inside a government computer attack excercise

By CNN's Mike M. Ahlers

Forget, for the moment, about computer whiz kids who download copyrighted music for free.

Forget, too, about sophisticated hackers who can steal identities.

Focus instead on the next wave of potential computer miscreants - criminals who can penetrate corporate computer systems to turn valves, start pumps or surge power at factories or electrical plants. They might even be able to hit chemical facilities.

Those folks are on the minds of the researchers at the Idaho National Laboratory, where the federal government regularly trains industry leaders on how to protect critical infrastructure from cyberattacks.

In the not-so-distant past, instructors here say, security officials relied on the "3 Gs" - guns, gates and guards - to protect infrastructure from intrusions. But increasingly mechanical systems inside those gates are being linked to computers and controlled via networks and cyberspace.

That has left industrial control systems vulnerable to attack.

To demonstrate the vulnerability, the Department of Homeland Security and Idaho National Laboratory in Idaho Falls recently showed reporters a cyberattack on a mock-up of a chemical facility.

In the exercise, a small group of "Red Team" attackers staged an assault on the chemical plant. A larger group of "Blue Team" defenders sought to protect that mock-up building, which was constructed of barrel-size containers of water connected by pipes and pumps such as those found in chemical plants.

The exercise used concepts that are relevant in the real world.

Among them:

Exploiting corporate trust

The Red Team attackers, looking for access to the computer network, don't look for direct access to the control systems they covet. They know the vulnerability is elsewhere - most likely in the executive offices of the fictitious chemical company.

Executives frequently have access to internal computers networks, so they'll have timely access to information about productivity, output and information important to the market.

They also frequently have access, perhaps indirectly, to networks that link to control systems. Assailants know they can "exploit the trust relationship."

Getting a toehold into a system

In the Idaho exercise, Red Team members get a toehold by phishing, a tactic also used by hackers to steal financial or other information. They send an e-mail that appears to be from a friend or a legitimate organization to a representative, which contains malicious software and which opens a link between the sender's computer and the corporate computer.

Subverting a system's security

Having established a toehold on the chemical company's computer, the Red Team discovers a surveillance camera in the chemical plant's control room. The camera, intended to safeguard the chemical plant, can now be turned against it. The Red Team can use the camera to observe the plant's staffing levels or zoom in on control panels and mechanical devices, gathering information that will help them in their attack. And once the attack is launched, they can each watch their opponent's response.

The 'man in the middle'

In sophisticated attacks, the Red Team can even insert itself between the machine and the machine's operator. The team can control the amount of water through a pump, while indicating to the machine's operator that everything remains normal.

Red Team-Blue Team exercises typically last between eight to 12 hours, and are followed by a "hot wash" in which a "White Team" analyzes the attack and reviews ways to prevent attacks and respond to them.

Fears of online intrusions on industrial control systems are not theoretical.

In a then-classified 2007 demonstration at Idaho, experimenters using computer inputs altered a large electric power generator, causing it to self-destruct. The experiment, known as "Aurora," was the first demonstration that attackers could not only turn a mechanical device on or off but could destroy it.

Then in 2010, a computer worm known as Stuxnet was discovered after it spread indiscriminately but is believed to have targeted equipment used by Iran to enrich uranium. The source of the worm has not been identified.

Department of Homeland Security officials say attacks on industrial systems are occurring.

Attackers are "kicking on the doors" of industrial systems, said Greg Schaffer, acting deputy under secretary of the department's National Protection and Programs Directorate.

soundoff (48 Responses)
  1. Hipolito Schleuder

    Leave the long periods to the individuals who go to Vegas just for the gambling. It is no wonder why so numerous players turn to poker tournaments to progress their seat and their winning purse.


    June 29, 2021 at 1:28 am | Reply
  2. Lemuel Fairey

    In casino, there is a card dealer who gives out the card. But if you would like to have fancier chips, then you might have your personal chips and intimidate your opponent with it. 1 purchase-in is regarded as 100 big blinds.


    June 29, 2021 at 1:27 am | Reply
  3. Valentine Wilcher

    The list just goes on and on when it comes to Sports activities, Hobbies and Video games. Of course, once you're at step 4 this will just be 2nd nature. The book is a complete guide for a newbie all-through.


    June 29, 2021 at 1:23 am | Reply
  4. Kirsten Mccarty

    The optimum player in the online poker roulette is five. To use the word genius with Iblis and Asmoday is brief changing these two "enzymes". And at the cash game tables, limit is a well-liked style of betting.


    June 29, 2021 at 1:23 am | Reply
  5. Darin Schartz

    Learning from your errors and the mistakes of others is a tool used to perform in the second of play. Another factor about becoming a poker on-line professional is the status of the poker marketplace.


    June 29, 2021 at 1:23 am | Reply
  6. https://www.songmanhits.com

    Best view i have ever seen !


    June 17, 2021 at 10:39 am | Reply
  7. https://thuocladientu123.com

    Best view i have ever seen !


    June 15, 2021 at 11:58 pm | Reply
  8. Virgina Samiento

    1 must hold on his pleasure and not show it to others. There is also the chance to make a small cash and make reward as nicely while you good tune your abilities. And how do you know you are not up against a computer?


    June 13, 2021 at 4:37 am | Reply
  9. Hai Jezierski

    When you are taking part in towards a player, know what kind of a participant he his – is he intense or passive? Modifying your strategy to the various types is simple. Always assisting with strategy and perfecting the sport.


    June 13, 2021 at 4:36 am | Reply
  10. Jessie Evan

    I think I have a little in common with each of them. What ever the situation, there are tons of fantastic poker celebration food ideas out there. Just know that no matter what you choose, the appear is magnificent.


    June 13, 2021 at 4:33 am | Reply
  11. Missy Weglin

    Be certain your web site is safe by analyzing critiques of the top sites and online poker space ratings. You need to have some great suggestions to play casino online neat and clean.


    June 13, 2021 at 4:32 am | Reply
  12. Benton Barad

    We admire poker gamers who made themselves to the leading, successful every tournament they get in. All the twisting and touching will make the individuals more comfy, and prepared to explore horizons.


    June 13, 2021 at 4:32 am | Reply
  13. nector collector

    Bong Coasters & Bong Padsone hitters14mm 45 Degree Showerhead Ash Catcher By DiamondThe bag is held closed by strong velcro as well as a rubber lined zipper that keeps smells locked inside. The inside has two roomy mesh pockets with enough space for your stash as well as a lighter, a hand pipe, and even a snack. The inside of the pouch also has 100 carbon lining, making the smell-proof security even stronger.


    June 4, 2021 at 7:31 pm | Reply
  14. slurper

    Dab Padwaxpen14mm 45 Degree Tree Perc Ash CatcherThis is because the ash catcher would make your piece top-heavy, increasing the likelihood of an accident and breakage. On the contrary, massive bongs are usually paired with large ash catchers to keep the aesthetic consistent.


    June 4, 2021 at 7:29 pm | Reply
  15. oil reclaimer

    Dab Pads & Silicone Matswax pens14mm 45 Degree Tree Perc Ash CatcherThis is because the ash catcher would make your piece top-heavy, increasing the likelihood of an accident and breakage. On the contrary, massive bongs are usually paired with large ash catchers to keep the aesthetic consistent.


    June 4, 2021 at 3:24 pm | Reply
  16. carb cap for sale

    Dabpadzpen for wax45 Degree Joint Vs 90 Degree Joint Ash CatcherThe bag is held closed by strong velcro as well as a rubber lined zipper that keeps smells locked inside. The inside has two roomy mesh pockets with enough space for your stash as well as a lighter, a hand pipe, and even a snack. The inside of the pouch also has 100 carbon lining, making the smell-proof security even stronger.


    June 4, 2021 at 2:26 pm | Reply
  17. Angeles Mckean

    Paul Darden feels himself lucky as he has managed to beat the odds. You may not be successful in sticking to it, but to attempt that will do you no damage. Most people have one or two buddies who are unreliable.


    May 28, 2021 at 1:45 pm | Reply
  18. Bob Tesauro

    Poker sport is developed to be performed by multiple gamers. Gamers who are taking part in towards you have fantastic abilities much beyond the comprehension of the novice players. What if you want to do magic methods with your playing cards?


    May 28, 2021 at 1:27 pm | Reply
  19. Refugio Lovfald

    The card dealing place will rotate among gamers. A growth that is absolutely nothing less than incredible. An additional ways for rooms to make money is by hosting a tournament.


    May 28, 2021 at 11:05 am | Reply
  20. Larue Kocik

    If your funds are little, there are Sets to match your requirements. This can help figure out more of their motivation for promoting. So you ought to discover at minimum one type of the sport.


    May 28, 2021 at 10:42 am | Reply
  21. Jude Chagollan

    Learn what hands you can increase or call with. You should by no means neglect that it's the job of the casinos to make money at your price. Karas was born in 1950 at Antypata on the island of Kefalonia, Greece.


    May 28, 2021 at 10:40 am | Reply
  22. https://shiatsu-web.com

    Best view i have ever seen !


    May 27, 2021 at 1:40 am | Reply
  23. storno brzinol

    I am extremely impressed along with your writing talents and also with the format for your weblog. Is this a paid subject matter or did you modify it yourself? Either way stay up the nice high quality writing, it is rare to look a great weblog like this one these days..


    May 13, 2021 at 9:08 am | Reply
  24. https://shiatsu-web.com

    Best view i have ever seen !


    May 6, 2021 at 2:28 pm | Reply
  25. https://topphimhot.net

    Best view i have ever seen !


    May 4, 2021 at 11:26 pm | Reply
  26. sms

    I respect your work, regards for all the interesting blog posts. sms


    April 19, 2021 at 11:07 pm | Reply
  27. https://shiatsu-web.com

    Best view i have ever seen !


    April 19, 2021 at 4:37 am | Reply
  28. Wilfredo Zier


    Usually I don’t read post on blogs, but I wish to say that this write-up very forced me to try and do so! Your writing style has been surprised me. Thanks, very nice post.

    April 12, 2021 at 5:01 am | Reply
  29. https://shiatsu-web.com

    Best view i have ever seen !


    March 23, 2021 at 10:21 am | Reply
  30. travelers notebook

    I am aware this site provides quality dependent posts and
    additional stuff, can there be almost every other site
    which presents such information in quality?

    My website ... travelers notebook

    March 7, 2021 at 7:36 am | Reply
  31. passport wallet insert for midori travelers notebook passport size

    After I originally left a comment I appear to
    have clicked the -Notify me when new comments are added- checkbox and now when a comment is added I recieve 4 emails with similar comment.
    Is there a method it is possible to remove me from that service?


    Also visit my webpage: passport wallet insert for midori travelers notebook passport size

    February 26, 2021 at 3:29 am | Reply
  32. yoga mat stickers

    My programmer is wanting to persuade me to advance to .net from PHP.

    I have always disliked the thought due to expenses.
    But he's tryiong none the less. I've been using WordPress on several websites for around each year and
    am anxious about switching to a different one platform.
    I have heard excellent reasons for blogengine.net.

    What is the way I will transfer all of my wordpress posts in it?
    Any sort of help could be really appreciated!

    Here is my page; yoga mat stickers

    February 24, 2021 at 12:24 pm | Reply
  33. HarlanDGagel

    I just like the valuable information you supply in your articles.

    I am going to bookmark your blog and take a look at again right here regularly.
    I'm fairly sure I will be told many new stuff right below!

    All the best for the following!

    Look at my site – HarlanDGagel

    February 9, 2021 at 4:59 pm | Reply
  34. Cardiff House Clearance

    Hi my friend! I want to say that this article is awesome, great written and include approximately all significant infos. I?¦d like to peer more posts like this .


    February 9, 2021 at 7:22 am | Reply
  35. Dr. Gőz Péter ügyvéd

    Its like you learn my thoughts! You seem to understand so much about this, like you wrote the e book in it or something. I think that you just could do with a few p.c. to drive the message home a bit, but other than that, this is wonderful blog. A great read. I will definitely be back.


    February 9, 2021 at 4:38 am | Reply
  36. LarondaHRehl

    Howdy this is kind of of off topic but I was wondering if blogs use WYSIWYG editors or if you have to manually
    code with HTML. I'm starting a blog soon but have no coding skills so I wanted to get advice from someone with experience.
    Any help would be enormously appreciated!

    Feel free to visit my web blog: LarondaHRehl

    January 28, 2021 at 9:25 am | Reply
  37. zortilo nrel

    As a Newbie, I am permanently browsing online for articles that can benefit me. Thank you


    December 21, 2020 at 6:15 pm | Reply
  38. Dreamer96

    What?? They sent a Java script file in an email, or pulled a picture off another site that was embeded with and executeable program, or a video clip that was more than a video clip....

    Any email contains the origional senders email address and every handler of that email alone the route to you...Yes these can be faked...They can also be checked against a local database of known friends email addresses, only those addresses already known are allowed in..You can also send a pre-email notice that someone is about to send an email, or will be sending an email, this notice is forced to take a different route...If you do not have this notice..then the email is fake, or you can check with the sender's computer and see if they really sent you this email....

    You can setup your internet firewall to only allow contact with pre-determined internet addresses...no roaming the internet...If a message going into or out of the list of addresses tries to pass through the firewall...you flag it...and block it, maybe scan it..

    The real problem is everyone sets up their network from off the shelf equipment and software, but does not finish the job and setup the trusted sites and trusted computer port access controls needed...and to many use Java and other browser addons like video players and have no idea what the program is really doing...If the system is Microsoft based, do they even monitor the access to the operating system registry, is an unknown program trying to enter or alter the registry ,or do the users even purge their internet browser temporary internet files and cookies....or do their monitor the list of active processes running, or monitor the open computer internet ports and who they are talking to....

    This attack started by having the computer user open an email that triggered a Java script program to call out to another computer over the internet, or just request a picture file off some server, this triggered the upload of a dangerous program...so right there you see the firewall is letting any computer on the inside computer local network contact anyone outside on the internet without any idea who they are...bad security right there..Is the internet address a know bad site address, what country is it in...Iran?

    Anyway this demo shows people don't know how to tighting up access....If you lock your front door but leave the windows and backdoor unlocked, then the bad guys will get in, if they come knocking when your there or gone...

    October 22, 2011 at 9:03 am | Reply
  39. Chris

    Why don't these types of SCADA systems have an air gap? The companies that designed/developed and installed them should be held responsible for providing a sub-standard product. Remediation should include a redesigned system that doesn't connect to the "public" Internet. It's not like there were no threats during the "early days" of the Internet...the system developers ought to have known about them.

    October 19, 2011 at 3:43 pm | Reply
    • gelbkreuz

      That is true. I've always thought that kind of hardware is disconnected. It could only be reliably attacked via 'road apple' or another physical means.

      October 24, 2011 at 10:10 am | Reply
  40. od

    backtrack linux is a very fine distro indeed 😉

    October 18, 2011 at 7:33 am | Reply
  41. Brigette

    Either they don't proofread anymore, or the proofreaders can't spell either.

    October 17, 2011 at 6:44 pm | Reply
    • rehyn

      What do you mean, "proofread"?

      October 22, 2011 at 8:37 am | Reply
  42. English Teacher

    "Excercise"? It's "exercise"!

    October 17, 2011 at 4:11 pm | Reply
    • kristy

      i really do agree with you guys...they do need to proofread or w.e(:

      October 24, 2011 at 3:39 pm | Reply
  43. kristy

    omg!!!! this is crazy....i think imma do my curent event on this in chemistry...this is crazy...i mean i knew people did this....but wow....hahaha.

    October 17, 2011 at 3:58 pm | Reply
    • kristy

      i didnt mean to sound weird...but this is very interesting....i love to learn about crazy things. lol :3

      October 17, 2011 at 3:59 pm | Reply

Post a comment


CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.