
Computers; what if the railway was attacked?

Status
Not open for further replies.

cjmillsnun

Established Member
Joined
13 Feb 2011
Messages
3,257
That was the plan, but most of the features of Neptune weren't ready in time and they felt the need to get something out of the door by late 2000.

I know. However with an effective monopoly, they needn't have bothered, as the result was one of the most buggy, unusable OS in recent memory. Vista and 8 had their issues, however were in the main stable and secure. ME was awful.
 

najaB

Veteran Member
Joined
28 Aug 2011
Messages
31,036
Location
Scotland
I know. However with an effective monopoly, they needn't have bothered, as the result was one of the most buggy, unusable OS in recent memory. Vista and 8 had their issues, however were in the main stable and secure. ME was awful.
I'm fairly confident it's an example of the triumph of the marketing department over engineering.

As an aside, I just installed Neptune in a VirtualBox and it's practically indistinguishable from Windows 2000. They should've just released it instead of Me.
 

yorkie

Forum Staff
Staff Member
Administrator
Joined
6 Jun 2005
Messages
68,387
Location
Yorkshire

Wombat

Member
Joined
12 Jul 2013
Messages
299
A lot of people have a very simplistic view of what it takes to upgrade the OS in a major business.

I could write an essay on upgrade issues, as could anybody who has worked in IT in a major national business but it all comes down to money. Being out of support simply isn't an argument, you have to be able to put a positive cost benefit on the upgrade. (I never liked that approach but I was just the poor devil who had to nursemaid the old software).

To be fair, I think that most of us have simplistic views of everything outside our areas of expertise. When my train gets terminated at some crappy station due to an "operational incident" (sorry), I have to remind myself that the lunatic in charge of this deranged shambles is hopefully making a rational decision based upon information and experience that I don't have. So it's not surprising to me that non-IT people would assume it's just a matter of sending some support people around with a Windows 10 USB stick.

On the other hand, the cost of being out of support is pretty easy to articulate. What's the cost of being literally unable to transact business; losing data; leaking customer information? A significantly large organisation should have both people able to express the worst-case scenarios and their mitigation, and execs able to understand them, so being out of support is a compelling argument if the board is up to scratch.

On a figurative third hand, it's occurred to me that the NHS is something of a special case: it can't go bankrupt and it has no significant competition. So I'm the head of an NHS trust and my head IT person tells me that our desktop estate is out of support and vulnerable to attack. I can upgrade them at a cost of £X (and break a shed-load of ancient specialist applications in the process), I can purchase extended support at an annual cost of £Y, or I can do nothing and hope for the best.

I don't have £X or £Y lying around, but what's wrong with option 3? It probably won't happen and if it does, what's the damage? Some operational issues (pun intended), some shouting, perhaps a few people will die but probably not; and as a chief exec I'm already pretty good at blame avoidance. And if the worst happens, well, perhaps the Treasury will then find £X down the back of the sofa.
 

DarloRich

Veteran Member
Joined
12 Oct 2010
Messages
29,418
Location
Fenny Stratford
One thing that this recent event has shown is that the Government's cost cutting is more than people imagine and this has left vulnerable people exposed. It does make you wonder how a spotty teenager sitting in his bedroom has managed to bring the NHS to its knees

Sent from my SM-T555 using Tapatalk

That is a ridiculous comment, keeping computers updated is nothing to do with government cost cutting, it's incompetence.

This is an incredibly sophisticated attack that has also affected car factories and Deutsche Bahn for instance.

No: it's government cost cutting. They cut budgets and forced IT outsourcing then failed to fund new systems.


The Government paid £5.5 million in 2014 for Microsoft to continue updates....that lapsed in 2015 so for 2 years NHS computers have received no updates. Who do you blame for that, the Government or the NHS?

Are train stations still running on obsolete software?

What if train stations are? What is the worst that can happen? The ticket machines don't work, the screens go bananas and the tannoy plays Britney Spears.

The Caldicott Guardians for each of the trusts that have had system failures due to the malware should be invited to Westminster or Holyrood as appropriate to explain themselves.

They best start with No.10 & the Dept for Health. Perhaps Mr Hunt could explain the issue of funding cuts.............

Are all the people and businesses who've been affected by ransomware too poor to upgrade their computers? Including Renault, Nissan and Deutsche Bahn? I think not.

There are arguments to be made that the NHS is under funded and I would agree with you in some respects, but this is purely incompetence, nothing more. You're making a cheap political point with no evidence.

Then you are blind and/or naive. The cuts to NHS funding and the forced outsourcing of IT services in most trusts are large contributory factors. The government knew the system needed an upgrade but did nothing. As they have "devolved responsibility" or some such rubbish to the trusts they have spent the weekend blaming the skint trusts. The government are to blame. They have failed to secure and protect "critical national infrastructure"

Being out of support simply isn't an argument, you have to be able to put a positive cost benefit on the upgrade. (I never liked that approach but I was just the poor devil who had to nursemaid the old software).

It is at my workplace, and it certainly should be a valid argument!

If you simply wrote please let me have X£m because Y is going out of support on your authority paper you would fail.

If you wrote Y going out of support means ABC become more likely and if ABC occur that will cause XYZ and cost us XXX£M compared to the x£m needed to invest in a new system people will sit up and take notice - at least from my experience ;)
 

SpacePhoenix

Established Member
Joined
18 Mar 2014
Messages
5,492
What if train stations are? What is the worst that can happen? The ticket machines don't work, the screens go bananas and the tannoy plays Britney Spears.

I'd be more concerned about the computers in signal boxes/signalling Centres. Hopefully none of them use XP at all
 

QueensCurve

Established Member
Joined
22 Dec 2014
Messages
1,923
This is a very interesting topic and difficult to do justice to.

There is of course the fact that "Micros**t ended support for Windows XP in 2014". Windows XP continues to work. Subsequent MS platforms did not always work so well and still don't support many of the older Windows supported platforms that ran on their earlier products.

Personally I see "ending support for" as a sort of extortion racket: buy our new products or else.

In this case a security flaw might have been patched but for the "ending of support" this left a vulnerability. If there is a system that requires XP that was business critical it was open to the user to Pay MS (more extortion) to continue "to support it". UK Gov't chose not to do this. Negligence or refusing to bow to extortion when most threats would target the new MS Products?

Of course Windows should not be used for safety critical systems, but I fear it is in many cases.

There is more to security of IT systems than merely relying on MS to offer a patch every Tuesday in the wee small hours. It includes:-


  • physical protection of the infrastructure
  • encryption of data on the public internet
  • endpoint protection (eg USB devices)
  • data protection/verification
  • software hygiene
  • spam prevention
  • training of the operators
  • operator vigilance
  • no doubt many more
In this case somehow malware got into systems and then appears to have spread internally via networks.



In my experience, the biggest vulnerability is the user clicking on links or opening attachments in spam. With large systems that have many users it is virtually impossible to prevent this. Spammers are continually upping their game to try to fool the users into believing it is a genuine message. A present tactic is to try to pretend to be a scanned document from a local machine.



All of us can up our game on this. That said, no machine should have privileges to install software when a non-administrative user is at the controls.
 

glbotu

Member
Joined
8 Apr 2012
Messages
644
Location
Oxford
I'd be more concerned about the computers in signal boxes/signalling Centres. Hopefully none of them use XP at all

I'd be surprised if the signalling systems were internet enabled. The admin computers might be (train planning etc), but the actual tech that switches points and signals is likely to be closed-circuit.
 

glbotu

Member
Joined
8 Apr 2012
Messages
644
Location
Oxford
This is a very interesting topic and difficult to do justice to.

There is of course the fact that "Micros**t ended support for Windows XP in 2014". Windows XP continues to work. Subsequent MS platforms did not always work so well and still don't support many of the older Windows supported platforms that ran on their earlier products.

Personally I see "ending support for" as a sort of extortion racket: buy our new products or else.

I'm afraid I can't agree with you on this. The architectural differences between XP and Windows Vista (and onwards) are vast (monolithic kernel, versus hybrid kernel is the big one - for the layman, the way the software talks to the hardware is fundamentally different). These things all have ramifications in terms of security as well, ignoring the fact that the software has to be compiled differently to make it work. Better security (for non-human-based attacks) uses more processing time. You'll notice how pretty much every website you "login" to, tends to have the longest wait time between logging in and getting to the "home/dashboard" page. That's because it's using a ton more processes to hash and salt (do complex irreversible maths on) the input password and compare it to what's in its database than it does to do pretty much anything else. A machine running on the Windows NT Kernel (ie: the one XP uses) just doesn't have access to as much of the computer's hardware, because the architecture doesn't allow it. That means that machine isn't as secure. Remember that the "hackers'" ability to hack improves with time, the technology has to as well.

That's before looking at the fact that people want their machines to do more and more, from gaming to engineering technology (like CAD) and once people find out that machines can do more they want their own to do more. But that's the commercial side of things, which is somewhat beyond the point.

I feel that there's a sense from a lot of people that just because software isn't a physical, tangible thing, like a car or VHS tape, that it isn't either difficult or time consuming to produce. Would you expect a car manufacturer to give you a free lifetime warranty on your car? Would you expect a film studio to replace your VHS tape for free when it got knackered?

I reckon that for Microsoft to produce that last minute patch for XP to halt the ransomware cost them at least 25 people working through the night. Something like the latest versions of Windows have probably taken thousands (if not tens of thousands) of developers, at least 2 - 3 years to develop, including looking at what current technologies can do, not to mention what technologies would be stable in 2-3 years time. For example, Windows 10 probably cost Microsoft $18.75 billion. That's billion with a b. That's about triple the cost of Great Western Electrification.

In this case a security flaw might have been patched but for the "ending of support" this left a vulnerability. If there is a system that requires XP that was business critical it was open to the user to Pay MS (more extortion) to continue "to support it". UK Gov't chose not to do this. Negligence or refusing to bow to extortion when most threats would target the new MS Products?

While I disagree with your "extortion" angle, I don't disagree that the government, given the terms of its contract, should not have ended the support contract.

Of course Windows should not be used for safety critical systems, but I fear it is in many cases.

Don't see why, what OS would you use? Open source Linux, where all the source code's on the internet? Write their own (on a Unix-based platform)? I assume you aren't suggesting the NHS hire a massive development team to build some sort of NHS kernel.

There is more to security of IT systems than merely relying on MS to offer a patch every Tuesday in the wee small hours. It includes:-


  • physical protection of the infrastructure
  • encryption of data on the public internet
  • endpoint protection (eg USB devices)
  • data protection/verification
  • software hygiene
  • spam prevention
  • training of the operators
  • operator vigilance
  • no doubt many more
In this case somehow malware got into systems and then appears to have spread internally via networks.

This is all about "defence as design", or whatever they like to call it these days. Basically, security needs to be at the core of all your systems, not just as an afterthought. In fact, this is another reason operating systems SHOULD be upgraded regularly, as people get better at designing security into systems, you simply can't assume you can "slap that into" older systems.

In my experience, the biggest vulnerability is the user clicking on links or opening attachments in spam. With large systems that have many users it is virtually impossible to prevent this. Spammers are continually upping their game to try to fool the users into believing it is a genuine message. A present tactic is to try to pretend to be a scanned document from a local machine.



All of us can up our game on this. That said, no machine should have privileges to install software when a non-administrative user is at the controls.

This bit I agree with completely. Of the "top 10" types of attack, I think 5 are pretty much attacking the user as the most vulnerable part of the system.
 

Bantamzen

Established Member
Joined
4 Dec 2013
Messages
9,802
Location
Baildon, West Yorkshire
In a properly configured system, updates will be applied automatically and systems rebooted, on client machines at least - this should be both anti-virus and other patches. Better still, it should be able to report back so the admins know at a glance what may need a closer look. The only real investment in time, if everything is doing this OK, is the additional time spent waiting for PCs to shut down and start up when they get the patches.

Backend stuff may be different and may be patched manually to control how certain things start back up, for example - there is a greater time cost on this

That depends on the nature of the network. If a large organisation runs a lot of bespoke / in-house software, especially if it is business critical, then each patch / update has to be tested against anything important. This means that updates may be queued & tested unless they are absolutely security critical. This could explain why so many large organisations were caught out by this current infection.
 

Sacro

Member
Joined
20 Jan 2010
Messages
383
Don't see why, what OS would you use? Open source Linux, where all the source code's on the internet? Write their own (on a Unix-based platform)? I assume you aren't suggesting the NHS hire a massive development team to build some sort of NHS kernel.

Yes, Linux is used worldwide for many things, support is far cheaper and the system is more secure out the box.

Also on the subject of attachments, that's not how this one spreads, it looks for SMB based file shares and goes in that way.
 

gsnedders

Established Member
Joined
6 Sep 2015
Messages
1,472
I struggle to believe all the computer systems the railways use are connected to each other, so I think it is unlikely everything could go down. For instance I can't see why signalling systems and ticketing systems would rely on each other, presumably they're largely independent?

There's two points here: one is whether they're on any large network (realistically, that matters more than whether the network is publicly accessible, because it gives you more potential points to get into the network to attack it); the other is that Stuxnet (admittedly almost-certainly state-sponsored) attacked airwalled systems (i.e., with no connection to any other system). As such, having your systems entirely offline and inaccessible from the internet doesn't really mean that much. Someone with sufficient resources will probably still manage to attack the system, especially if it's something high-value like a national railway network.

The national Air Traffic computers are IBM mainframes and (very wisely) do not run MS Windows, hence would not be vulnerable to this particular attack. However any computer can go down in hardware fail situations and NATC has a carefully designed redundancy configuration to prevent one box failing from bringing the whole setup crashing down. Multiple failures can still achieve that since such things cost and the cost must be justified to upper management.

Mainframes are a whole different world with vastly different support contracts and levels of internal hardware redundancy (processors or RAM failing in mainframes are a non-issue, for example). That said, they're still typically used for high-transaction volume systems where consistency is an absolute requirement, but many of them are sufficiently valuable in transactions per minute that many places now have two mainframes, where the second is pure redundancy should something happen to the first, and given the cost of owning each... well, that says a lot about the losses if they go down for minutes let alone hours.

Since Microsoft's licence (if you bother to read it) states clearly that it is not valid for use in safety-critical situations I really am astonished and disgusted to see it used so often in critical infrastructure situations. It would seem to be an unorganised conspiracy among those responsible for the setup to stick to something that is guaranteed to require a higher level of support so they have more jobs.

Microsoft's off-the-shelf licenses say that, yes. As is fairly obvious, they will sell you other licenses. I presume a large part of the reason why Windows gets used in so many situations is simply because the alternatives are equally expensive, typically because you're either looking for a RTOS (and AFAIK Windows CE is) or because you want a contract and a warranty for it being used in safety-critical applications.

Don't see why, what OS would you use? Open source Linux, where all the source code's on the internet? Write their own (on a Unix-based platform)? I assume you aren't suggesting the NHS hire a massive development team to build some sort of NHS kernel.

Source being public means very little: what studies have been done tend to suggest about an equal number of exploits regardless of whether source is available (and Windows is relatively accessible within academic circles; I doubt it'd be overly hard to get access to if you were a state-level attacker trying to bring a national railway network to a halt, for example). So all that matters is if you can find exploits by looking at the code more easily than reverse-engineering them and finding them: and as far as I'm aware, most exploits in the past few years of open source stuff have essentially been found in the same way as exploits in closed source stuff, primarily because the shallow things that are obvious from the source have mostly been long ago fixed.
 

gsnedders

Established Member
Joined
6 Sep 2015
Messages
1,472
Yes, Linux is used worldwide for many things, support is far cheaper and the system is more secure out the box.

Also on the subject of attachments, that's not how this one spreads, it looks for SMB based file shares and goes in that way.

And, notably, SMB1 shares. MS has been trying like crazy to move people away from SMB1 for over a decade at this point.
 

cjmillsnun

Established Member
Joined
13 Feb 2011
Messages
3,257
A lot of people have a very simplistic view of what it takes to upgrade the OS in a major business.

I could write an essay on upgrade issues, as could anybody who has worked in IT in a major national business but it all comes down to money. Being out of support simply isn't an argument, you have to be able to put a positive cost benefit on the upgrade. (I never liked that approach but I was just the poor devil who had to nursemaid the old software).

In my industry and in the office I am in, we cannot afford to let software support lapse.
 

najaB

Veteran Member
Joined
28 Aug 2011
Messages
31,036
Location
Scotland
Personally I see "ending support for" as a sort of extortion racket: buy our new products or else.
Except MS has had a publicly available end of support policy for as long as I can remember. When you bought your PC with Windows XP on it the EOL date was already known and published. There's no extortion as they told you before you paid your money that you wouldn't be getting open-ended support.
 

Bookd

Member
Joined
27 Aug 2015
Messages
445
The main risk is someone importing a problem. I read that, as a test, U.S. security loaded a monitoring 'bug' onto a load of USB pen drives which were 'accidentally' lost in and around the parking areas of high security sites - it was notable how many were plugged in to the finder's office computer out of curiosity as to what they might contain.
 

QueensCurve

Established Member
Joined
22 Dec 2014
Messages
1,923
This is all about "defence as design", or whatever they like to call it these days. Basically, security needs to be at the core of all your systems, not just as an afterthought. In fact, this is another reason operating systems SHOULD be upgraded regularly, as people get better at designing security into systems, you simply can't assume you can "slap that into" older systems.

I don't particularly disagree with anything you have written - and certainly don't have the expertise to comment on OS Kernels.

I do have reservations about the need to use a "supported" operating system and, while more recent versions of Windoze may be more secure, it remains a sort of arms race.

I still see defence in depth as the way to keep things secure. But with the Mk1 human operator there will always be a weakness.

There is a useful article giving a deeper understanding of the recent ransomware attack.

https://www.byline.com/column/67/article/1655
 

QueensCurve

Established Member
Joined
22 Dec 2014
Messages
1,923
Except MS has had a publicly available end of support policy for as long as I can remember. When you bought your PC with Windows XP on it the EOL date was already known and published. There's no extortion as they told you before you paid your money that you wouldn't be getting open-ended support.

That makes me feel so much happier about paying for the Evil Empire's products. :)
 

Peter Mugridge

Veteran Member
Joined
8 Apr 2010
Messages
14,928
Location
Epsom
The main risk is someone importing a problem. I read that, as a test, U.S. security loaded a monitoring 'bug' onto a load of USB pen drives which were 'accidentally' lost in and around the parking areas of high security sites - it was notable how many were plugged in to the finder's office computer out of curiosity as to what they might contain.

I can top that; I am aware of one incident - about 20 years ago - where an IT department had a sterile computer for checking out suspected viruses etc set up literally right next to an identical machine which was being used as the master control for their network.




No prizes for guessing what happened next...
 

Starmill

Veteran Member
Joined
18 May 2012
Messages
23,474
Location
Bolton
I bought this machine in early 2010 on Windows 7. I was aware at the time that Microsoft typically aim for a software life of a decade or so - although they went over this significantly with XP, even agreeing to a final 12 months of support for it for the UK (and other) Governments from 2014 to 2015. If this machine makes it to the date that Windows 7 goes off support I will be astounded. Although it has served me remarkably well for the past 7 years, if the machine looks like it will make it to the date when Windows 7 goes off support, I will probably buy a new one in time for that. I don't really see a problem.
 

ainsworth74

Forum Staff
Staff Member
Global Moderator
Joined
16 Nov 2009
Messages
27,820
Location
Redcar
And indeed you'll be well overdue an upgrade by that time! I reckon on getting about five years out of a laptop before a mixture of physical wear and tear and hardware obsolescence mean that a new one is required. Which fits in nicely with Microsoft's release schedule usually. I'll probably be in the market for a new laptop around 2019 all things being equal and no doubt by that time whatever is going to succeed Windows 10 will probably be out by then.
 

route:oxford

Established Member
Joined
1 Nov 2008
Messages
4,949
The main risk is someone importing a problem. I read that, as a test, U.S. security loaded a monitoring 'bug' onto a load of USB pen drives which were 'accidentally' lost in and around the parking areas of high security sites - it was notable how many were plugged in to the finder's office computer out of curiosity as to what they might contain.

Well, nobody is going to risk sticking it into their own computer!
 

najaB

Veteran Member
Joined
28 Aug 2011
Messages
31,036
Location
Scotland
This whole thing is something about the digital railway I worry about
If systems are properly patched, the network is properly firewalled and segmented and users are sensible (or restricted from doing dangerous things) then the risk is minimal.
 

cjmillsnun

Established Member
Joined
13 Feb 2011
Messages
3,257
That makes me feel so much happier about paying for the Evil Empire's products. :)

If you really want to support the evil empire... www.apple.com (I'm typing this on a MacBook Pro but won't buy another Mac as they are now taking the mickey with their prices which are beyond premium now)
 