Comment Re:Internet? (Score 2) 203
Not completely true. ProfiNet, Modbus/TCP, EtherNet/IP, FINS, BACnet are all communication over ethernet tcp/ip stacks to the scada system and capable of issuing write commands. But then again perhaps prisons are using DCS style hardwired systems. Now the control system operating drives, switches, sensors or whatever are generally going to use some other system like Modbus, CAN, I2C,
The scada system capable of controlling the PLCs should be isolated from the internet but I've seen more than my fair share of the the other. I'm sure the prisons are more paranoid and heck there are probably 500 different contractors writing the control logic in 1500 different ways out there so if one were hacked it would like be an isolated incident. Stuxnet exploited the fact that the centrifuges used a common geometry layout so it new what addresses corresponded to what and could manipulate that. It was still super clever though.
The biggest problem is that most of those ethernet protocols used in scada have zero authentication or security around it. If you can talk to it you can do a lot of bad bad things without any passwords. Usually the HMI is responsible for authentication but who says you have to use the HMI like stuxnet. They may try to protect the control logic with passwords but usually that is just for show in the systems that support it and would not withstand any dedicated effort for very long.
I'm more worried about DNP3 substations than prisons since power companies tend to have a unified system and spread out over long distances though they know that.
