Showing posts with label VPN. Show all posts
Showing posts with label VPN. Show all posts

March 17, 2020

Telework Lessons from Coronavirus

So we're all stuck in the house teleworking because of Coronavirus.

After a number of hours, I hear from my daughter that her laptop stopped working.

Apparently the battery overheated. 

Like a good millennial, what does she do?

She puts it in the refrigerator to cool down.

And sure enough, when she takes it out, it's working again. 

Next problem of the day is where the VPN circuits are overloaded (too many people trying to login from home).

And when you try to call the help desk, of course all you get is a busy signal. 

We sure are learning a lot during this Coronavirus outbreak. ;-)

(Credit Photo: Andy Blumenthal)
Share/Save/Bookmark

March 9, 2014

SCADA in Pictures




So SCADA are Supervisory Control and Data Acquisition systems.

They are a form of Industrial Control Systems (ICS) that monitor and control major industrial processes from power generation, transmission, and distribution, to water treatment, chemical production, air traffic control, traffic lights, building controls, and more. 

These are part of our nation's critical infrastructure. 

In the lab, we are able to use tools to capture and analyze communication packets and edit and re-use them to: 

- Turn on and off lights

- Open/close perimeter gates

- Control water and gas pipelines

- And even open and close a bridge

This was very scary!

No one, unauthorized, should be able to do this in real life, in the physical world. 

This is a major security vulnerability for our nation:

- SCADA systems should not be openly available online, and instead they should be able to be controlled only either locally or remotely through an encrypted virtual private network (VPN).

- SCADA systems should not be available without proper access controls--there must be credentials for user id and passwords, and even two-step authentication required. 

No one but vetted, cleared, authorized, and trained personnel should be able to monitor and control our critical infrastructure--otherwise, we are giving them the keys to disrupt it, destroy it, and use it for terror. 

We owe our nation and families better, much better. 

(Source Photos from lab: Andy Blumenthal)

Share/Save/Bookmark