Following the bouncing ball in IT
One thing I love (and it's also kind of scary) is that IT is so big.
Cobol started in 1959. And I can bet you there are still some people out there making some good money.
I remember back in 1999 there were people coming out of retirement to work on Y2K (yes, I am that old).
Around that time, I was a Delphi programmer and was doing some pretty simple Y2K work (mostly because no one else really wanted to do it).
And all in all I really just scratched the surface. I'm about 10 years off being a Cobol and mainframe expert.
I have seen REXX code before.
So there are soooooo many things in IT I know nothing about. I honestly think that if you spent your entire working day keeping up with changes in IT or new technology, then you would most likely never get any work done.
I definitely know a few "hello world" programmers. They seem to have management sign off on them doing the tutorial for every framework, language or technology they can get their hands on.
I've never been in that position myself, so when I spend some time looking into some framework or tool, it's quite considered.
For example, I did spend some time recently looking at how you can add 3rd party authentication to an application by making use of LinkedIn OAuth, because I was adding 3rd party authentication to a new application I'm building.
So I was chatting with someone last week about what they used to do for a job: operational security.
Something I haven't come across at all. So it piqued my interest. Actually, I read CNN (and sometimes Fox News) and realize I have come across it.
Apparently attacking things protected with operational security is part of war.
Interest further piqued.
So from a technology perspective, there is SCADA and MQTT.
SCADA is quite old; it's from the 50's.
MQTT is newer. It started out at IBM in 1999.
So both are quite old and established technologies. My take is that they have established code bases and usage patterns, but they're old and uncool, so improvements aren't very active.
IBM dropped support for SCADA nodes with IIB 9. So they aren't in the later versions (IIB 11, ACE).
But they have support for MQTT publish and subscribe nodes.
Circling back to how this impacts operational security. There are some suggested security best practices.
Reading these suggestions, a couple of thoughts come to mind.
These are old implementations, so I imagine no one is going back over the security design from the 50's-electric-power-grid.
My kids are learning to program at age 9, so I imagine that the world is going to get more people that know technology. I'm sure that Breaking Bad is not the only time someone in crime has made use of someone with a PhD.
I would assume that if they're not attached by wires then they're not "physically secured". So glad to know my phone is super safe to use and no-one is listening in at all.
Again, good thing my phone is safe.
Assuming that you're not happy with these potential issues, the article does suggest some things that can help your security posture.
One thing that is recommended is to make use of SSL/TLS.
Looking at what we can do to help the teams we work with: WMB / IIB / ACE all have the capability to work with either SCADA directly or MQTT through some sort of proxying or brokering, so we can look to enforce some security.
We have added 2 new rules to help with this:
and
If anyone is interested in a demonstration, has any questions or thoughts, or wants to try it internally, please reach out to me either on LinkedIn or via our website:
You can also reach me via email at:
Or contact me via the contact page on our website:
Regards
Richard
Innovator | Preparing Business for Tomorrow, Today.
2 years ago
There are some really great points in here. Security through obscurity is one of the practices I wish I saw less. Good work!