Hacking a water plant with the ICS Village

For most of us, this may be as close as you get to “operating the power grid” — hitting your light switch on the wall at home.

After all, you may not spend a lot of time inside a power plant. And they probably have a locked gate.

Unless you work at one of these plants, you’re out of luck.

But what if you wanted to see this and/or other industrial systems up close, see how they work, and see how hackers can get in and do damage to things you depend on — your critical infrastructure?

“Critical infrastructure. Where your water and your lights come from,” explains Bryson Bort, CEO of security company Scythe.

Here is your chance to see it up close, a ‘fun-sized’ version of a water plant that you can hack and protect.

Watch here:

 

 

 

Diving In

“Critical infrastructure. Where your water and your lights come from,” explains Bryson Bort, CEO of security company Scythe.

Here is your chance to see it up close, a ‘fun-sized’ version of a water plant that you can hack and protect.

It’s called the ICS — or industrial control systems — Village.

Bort shows how it works at a security conference in Anaheim, California.

He’s motivated by the same things you are.

“I like electricity and water,” he says with a smile. “I think those are wonderful things. I like that part of modern life.”

He starts with a screen, like a tablet, called an HMI, or human machine interface.

 

The human machine interface, or HMI, that you use to send signals to run the plant. Image: Archer News

 

It sends signals to a PLC, or programmable logic controller.

The PLC is like the computer you use, only sturdier and not as smart.

“A PLC just does what it’s told to do,” Bort says. “It doesn’t think about it. It doesn’t go, ‘Oh, well, you know, that doesn’t sound right.’ It just does what it’s told.”

 

The PLC, or programmable logic controller, that can help run a plant — or destroy it. Image: Archer News

 

Now, we’re in trouble, because Bort is attacking the PLC.

He’s bombarding it with too many commands.

It’s supposed to allow in just the right amount of treatment chemical.

But the PLC is overwhelmed and lets the chemical keep mixing in to your drinking water.

“Just continues to pour out,” Bort says. “Which, of course, could be bad.”

Too much, and your drinking water is contaminated.

 

Bryson Bort showed how attackers can add too much treatment chemical to drinking water & make it unsafe. Image: Archer News

 

Target

Now you see why the PLC can be a target for attackers.

In the infamous Stuxnet attack discovered in 2010, hackers focused on the PLC’s running centrifuges at Iran’s nuclear plants.

The Stuxnet worm made the PLC’s spin the centrifuges slowly and quickly, slowly and quickly until some were destroyed.

It damaged a thousand machines and infected 200,000 computers to boot.

That little PLC, found in power plants and factories and industrial systems around the world, can have a lot of power.

“Since we’re talking about critical infrastructure, right?” says Bort. “That’s the kind of thing that’s going to impact your life.”

 

The ICS Village. Image: Archer News

 

Inspiration

For some, the ICS Village may be an inspiration, a motivation to learn security for industrial systems.

And soon, Bort and his colleagues will take this 1500-pound miniature system to Washington, D.C. for an event called Hack the Capitol

People who make laws about protecting industrial systems will get to see one up close.

“Do you feel there’s something that lawmakers are missing out on that you can help shed some light on?” Archer News asks Bort.

“Lawmakers have to weigh a lot of different interests. The staffers who actually do the research and create the packages that eventually do become laws and bills, they’re doing their best. But I think it’s really a challenge for them to get outside of what’s available inside the beltway,” he responds.

“All were trying to do is just generate an understanding of what it takes for the safe operation of critical infrastructure for all Americans,” he adds.

Many lawmakers may never have touched a PLC, he says.

“I’ve met state regulators in this space who not seen it,” Bort says. “Yeah, most of them have not.”

Saving Lives

Now, you’ve seen a PLC, what it does, and how it can be hacked to damage equipment and hurt people.

Now you may understand why some people are so passionate about these industrial systems, power plants, critical infrastructure and keeping them secure.

“We’re just trying to promote and spread that as far as we can so that everybody’s safer,” Bort says. “Because so many things depend on it, loss of electricity does equate to loss of life, and we’ve seen that happen before.”

 

Main image: Water faucet. Photo by Steve A Johnson on Foter.com / CC BY