CookieDealer
Detailed descriptions? Fuck off.
- Joined
- Apr 26, 2016
- Messages
- 616
- Nebulae
- 1,273
I took a course in Information security and on the final exam the Professor had written a case description that went like this. In case you're wondering I got permission from the professor to post this online.
Behind the Screen: The Plaything of Cyber Saboteurs
A late Sunday night, 23:58
It is Sunday night, the 25th of October, Gordon Freeman was sitting at home on the couch with his wife, watching a documentary about Wikileaks, when suddenly the room plunged in to darkness.
“It would seem the NSA won’t allow us to finish the documentary” Gordon’s wife said jokingly. Gordon, however, didn’t laugh. Being the CEO of Black Mesa, a research company that develops commercial and government grade electric smart grids, Gordon had earlier that year managed to secure a contract to deliver most of the smart electrical infrastructure for his home city. The deal had been an enormous victory for the once small company, but had also demanded great responsibility.
A digital clock standing next to the couch on a side table showed 00:00. Precisely midnight. Feeling uneasy, Gordon stood up and walked over to the kitchen window. Looking out from their penthouse apartment overlooking the centre of west side, New Mexico, it seemed the entire block was out of power. In fact, the entire skyline around his apartment was engulfed in complete dark. “This doesn’t look good” said Gordon to his wife who had started to light some candles around the apartment. “It’s just a power failure, don’t worry about it Gordon” said his wife, as she strolled back to the couch. But Gordon could not shake the feeling that this was not a normal blackout. “I need to go to the office, something doesn't feel right!” he said abruptly as he grabbed the car keys, “don’t wait up for me, I don’t know how long I’ll be...”
Control and Response, 00:10
In another part of New Mexico, unaware of the blackout, sat the employees at Black Mesa’s control and response department. It had been a slow night. Sundays meant only a handful of technicians on shift, a skeleton crew overlooking the operation of the smart grid equipment connected throughout New Mexico.
Dr. Eli Valance, one of the more senior technicians was in the middle of telling a story to two of the more recently employed novices Barney Calhoun and Wallace Breen. “That’s when I turned around and told him...” said Dr.Valance, but cut himself short as the light flickered in the control room. “Yes? Don’t keep usin suspense! What did you tell him?” said Wallace eagerly, clearly enjoying the story.
“Holdon... This is not supposed to happen, I think our electricity just went over to the backup generators,” said Dr. Valance, and added, “was there anything off with the control system?”The two novices looked at each other and shook their head. “No, everything is normal”,“Yeah, as any other day” said the two. “Maybe it’s one of those hactivists we got an emailabout” said Barney jokingly.
“Hactivists?” said Dr. Valance sternly, failing to see the joke.“Yes” continued Barney “I got an email a few weeks ago... I thought we all did? The one with an excel file from Homeland Security containing a list of known hactivists and electrical grid saboteurs? But when I tried to open it on my computer,” he said glancing over at the computers, “excel kept on crashing”. But as he did so, Barney noticed to his surprise, that his computer, which screensaver normally would have turned on by now, was logged into.What’s more, the main control system software that overlooked the network of active smartgrid devices, was open on his desktop.
That was not surprising in and of itself, technicians often forgot to logoff as they left their terminals, but as Barney was looking from across the room, he could clearly see how the mouse cursor was moving around, clicking on various options in the software, seemingly on its own accord, as if controlled by a ghost.“Wait, what’s that?” he said out loud, walking towards the desktop computer. “What is what?” replied Dr. Valance and Wallace almost in unison and looked over at Barney’s workstation.
Seeing how the mouse was flying over the screen clicking on options and administrating the control system, Wallace looked at Dr. Valance and said “Do we need to call the IT-guys?” Dr. Valance stood quiet for a while, wondering what the phantom user was trying to do to the system. “Hold on a second,” he said “What if this is the IT guys doing this?Wallace, call Alyx, and put her on speaker.” But as Wallace called Alyx’s number, all he could hear was a busy tone. “C’mon Alyx! How can you possibly be busy now?!” he thought to him self as he tried dialing the number once more
Meanwhile, just miles away, 00:15
Speeding down the dark, empty streets of New Mexico, the odd feeling that this was not a normal blackout had only increased, and Gordon could not help but think of the Ukrainian power failure that had happened back in 2015, the day before Christmas.
Trying hard to calm himself, Gordon could not suppress the sense that a similar attack had now reached into his home.As Gordon made a right turn, roughly three blocks away from Black Mesa office, his phone rang. “This is Gordon” he answered shortly as he always did. “Hi Gordon, this is Alyx” said the voice on the other end. Recruited straight out of college, Alyx Vance had risen fast in Black Mesa, and four years after her initial employment, had become head of IT and Security.
“This is not good” Alyx continued, “I trust you have noticed the blackout?”. Scoffing so loudly he almost spat straight out, Gordon replied back that it was hard not to have noticed,“What is it? Does it have anything to do with us and our equipment?” he asked Alyx and made another sharp right turn. No street lights made driving difficult, and Gordon had already twice narrowly managed to break in front of a pedestrian.
As he honked his horn, he heard Alyx on the other end “That’s just it, I can’t seem to get in contact with any of our smart grid devices. It’s like they don’t exist!”.All smart grid devices provided by Black Mesa had remote administration capabilities,that was one their benefits and what made their products superior to older technologies. No longer did field technicians have to travel long distances to re-configure or to turn on or off devices, but could do so remotely. Plus, each device was monitored from Black Mesa’s control and response department. Gordon was taken aback by Alyx’s comment, “What do you mean they don’t exist?”
Feeling both stressed and irritation growing, Gordon tried his best to remain calm, they needed a plan. “Alyx” he said, trying to sound as calm and authoritative as possible, “I need you to take one of our smart grid devices, it doesn't matter which one, and head over to the lab. If there is something wrong with it, perhaps we can figure out what it is,and maybe that is what is causing this blackout.”
Alyx was quiet for a long time over the phone, and Gordon could hear her steady breathing on the other end, “Do you really think we might be the cause of this blackout? But what about our inbuilt automatic fail safe system?”she finally replied. “I don’t know” replied Gordon “but right now, we can’t rule anything out.It is devastating as it is by us not being able to access our own devices remotely!”. Alyx said she was already at the office with one of the senior engineers, Judith Mossman, and would start figuring out what was the issue with the smart grid device. They hung up.
Department of Control and Response; in a Desperate Response, 00:15
At the same time, over at Black Mesa’s department of control and response, Wallace,Barney, and Dr. Valance were uncertain of what to do, as they stood watching over Wallace’s computer. “So, what is he doing right now? What is he waiting for?” said Wallace, seeing that the mouse had briefly stopped moving.
Barney reached forward and squinted at the screen to read the small label the mouse had just clicked on before remaining still, “He’s trying to reach the section breakers” he said. “What? He is switching them off? But this is connected to the circuit,” exclaimed Dr. Valance, “is he cutting the power?!”“This cannot be the IT guys”, thought Dr. Valance to himself in panic as he tried to take control over the computer.
But as he took the mouse, he quickly noticed that he had no control over it. He tried typing on the keyboard, frantically hitting ‘Alt+F4’ on it to close down the software, but soon realizing with horror that the phantom did not only steer the mouse of the computer, but had taken complete control over it. Feeling how panic took the better of him, he spun around to face Wallace and Barney who stood looking sheepishly at each other, and yelled in a voice sounding very different than his normal self “PULL THE CABLES!”
The two novices stood silently for a second, then burst out laughing, obviously this was just all a joke? But seeing the expression on Dr. Valance’s face, they quickly realized that it was not a joke, nor some maintenance errand from IT. They soon found themselves on the floor, scrambling around on all four pulling any cables they could reach. Feeling the pulse pounding, Dr. Valance knew they were already too late. Dozens of circuit breakers had already been opened, cutting power to many, if not all, of Black Mesa’s customers.
Losing Remote Control, 00:45
Pulling up on the parking lot, Gordon did not bother to park properly, but left his car standing diagonally over two parking squares as he ran into the building. Located on the furthers outskirts of New Mexico, it usually took Gordon an hour to drive to work, including traffic, to reach the small office building.
As he was hastily making his way into the building,in the direction of the test and development department, often simply referred to as the lab,Gordon thought back to when he had first founded the company in 2010 with a few tech savvy friends and a desire to be able to control and monitor electric power consumption. The market had been ripe, and it did not take long before they had gained their fist clients.
Offering both consumer and government grade equipment, and a 24/7 remote monitoring had made Black Mesa a popular choice. It had come as no surprise therefore when they had been selected to provide the west side of New Mexico with their smart grid technology. Having felt proud, Gordon now wondered if he had bit off more than they could chew. “It might not be us, it might still be just a blackout” he kept on telling himself, “the fact that there is a hiccup with the remote access could be just a bad coincidence.” But he found it hard to convince himself as he opened the door and entered the lab.
“You are not gonna believe this!” said the senior engineer Judith Mossman as soon as Gordon entered the lab. A technical genius, Judith was one of Black Mesa’s first employees and the brains behind much of their smart grid technology and remote system. “Listen to this”she exclaimed, “we use SSH to gain remote access to these devices, right, and we are running a small Linux kernel on it to manage all the I/O operations, OpenSSH, and...”, but Gordon cut her off “Please,” he said “in English?”.
Judith blushed slightly, “oh, sorry, of course”, and went on explaining that although Black Mesa’s devices used a cryptographic protocol, a default user setting had by mistake been introduced by a developer roughly four versions ago into the products operating system. “This means” she continued “that there has been an active user account with a default password on our devices for roughly six months, plenty of time for anyone to have brute force tested on the user.”
Gordon sighed, “You don’t make any sense,what is the key takeaway here?” Judith looked at him as Alyx, whom up till now had been standing quietly behind Judith, cleared her throat and said “it means someone has been able to connect to our smart grid devices remotely.”
The lab fell quiet as Alyx let the words sink in before she continued, “However, thanks to our inbuilt fail safe system, you can’t disconnect any of these devices from the circuit, only the response and control department can do that.So, I don’t think this is causing the blackout.” Alyx described that what the attackers had done, was to block out Black Mesa’s field technicians by removing their cryptographic SSHkey.
“The field technicians can only connect the devices to different circuits, not disconnect them. Only the response and control department can do that. It’s part of an inbuilt separation of duties.” Gordon looked at Alyx and asked “so, the hackers had no impact then? If they can’t disconnect any devices I mean?” Alyx nodded, “yes, in a way, but, it also means that,right now, we cannot reconnect any of our smart grid devices if they are disconnected from the control and response department. We will have to manually install a new version of the operating system on each and every smart device in order to restore the ability to do that.”
Time for Response, 01:00
The feeling of relief washed over Gordon. At least the blackout had not been caused by Black Mesa after all. “Alright,” he said, having regained his normal confidence, “this is very serious, someone has been tampering with the infrastructure! When can we have a patch ready, so that it does not happen again?” Judith was just about to reply when Gordon’s phone started ringing. “Hold on Judith, it’s Valance!”, and answered the phone. Alyx and Judith watched in surprise how Gordon’s expressions changed over the course of the phone call. In an almost metallic voice, Gordon addressed the room out loud as he put down the phone,
“I think we might have been the cause of the blackout after all... and I think we will need some expert help to understand what happened here tonight and make sure it won’t happen again.”
Behind the Screen: The Plaything of Cyber Saboteurs
A late Sunday night, 23:58
It is Sunday night, the 25th of October, Gordon Freeman was sitting at home on the couch with his wife, watching a documentary about Wikileaks, when suddenly the room plunged in to darkness.
“It would seem the NSA won’t allow us to finish the documentary” Gordon’s wife said jokingly. Gordon, however, didn’t laugh. Being the CEO of Black Mesa, a research company that develops commercial and government grade electric smart grids, Gordon had earlier that year managed to secure a contract to deliver most of the smart electrical infrastructure for his home city. The deal had been an enormous victory for the once small company, but had also demanded great responsibility.
A digital clock standing next to the couch on a side table showed 00:00. Precisely midnight. Feeling uneasy, Gordon stood up and walked over to the kitchen window. Looking out from their penthouse apartment overlooking the centre of west side, New Mexico, it seemed the entire block was out of power. In fact, the entire skyline around his apartment was engulfed in complete dark. “This doesn’t look good” said Gordon to his wife who had started to light some candles around the apartment. “It’s just a power failure, don’t worry about it Gordon” said his wife, as she strolled back to the couch. But Gordon could not shake the feeling that this was not a normal blackout. “I need to go to the office, something doesn't feel right!” he said abruptly as he grabbed the car keys, “don’t wait up for me, I don’t know how long I’ll be...”
Control and Response, 00:10
In another part of New Mexico, unaware of the blackout, sat the employees at Black Mesa’s control and response department. It had been a slow night. Sundays meant only a handful of technicians on shift, a skeleton crew overlooking the operation of the smart grid equipment connected throughout New Mexico.
Dr. Eli Valance, one of the more senior technicians was in the middle of telling a story to two of the more recently employed novices Barney Calhoun and Wallace Breen. “That’s when I turned around and told him...” said Dr.Valance, but cut himself short as the light flickered in the control room. “Yes? Don’t keep usin suspense! What did you tell him?” said Wallace eagerly, clearly enjoying the story.
“Holdon... This is not supposed to happen, I think our electricity just went over to the backup generators,” said Dr. Valance, and added, “was there anything off with the control system?”The two novices looked at each other and shook their head. “No, everything is normal”,“Yeah, as any other day” said the two. “Maybe it’s one of those hactivists we got an emailabout” said Barney jokingly.
“Hactivists?” said Dr. Valance sternly, failing to see the joke.“Yes” continued Barney “I got an email a few weeks ago... I thought we all did? The one with an excel file from Homeland Security containing a list of known hactivists and electrical grid saboteurs? But when I tried to open it on my computer,” he said glancing over at the computers, “excel kept on crashing”. But as he did so, Barney noticed to his surprise, that his computer, which screensaver normally would have turned on by now, was logged into.What’s more, the main control system software that overlooked the network of active smartgrid devices, was open on his desktop.
That was not surprising in and of itself, technicians often forgot to logoff as they left their terminals, but as Barney was looking from across the room, he could clearly see how the mouse cursor was moving around, clicking on various options in the software, seemingly on its own accord, as if controlled by a ghost.“Wait, what’s that?” he said out loud, walking towards the desktop computer. “What is what?” replied Dr. Valance and Wallace almost in unison and looked over at Barney’s workstation.
Seeing how the mouse was flying over the screen clicking on options and administrating the control system, Wallace looked at Dr. Valance and said “Do we need to call the IT-guys?” Dr. Valance stood quiet for a while, wondering what the phantom user was trying to do to the system. “Hold on a second,” he said “What if this is the IT guys doing this?Wallace, call Alyx, and put her on speaker.” But as Wallace called Alyx’s number, all he could hear was a busy tone. “C’mon Alyx! How can you possibly be busy now?!” he thought to him self as he tried dialing the number once more
Meanwhile, just miles away, 00:15
Speeding down the dark, empty streets of New Mexico, the odd feeling that this was not a normal blackout had only increased, and Gordon could not help but think of the Ukrainian power failure that had happened back in 2015, the day before Christmas.
Trying hard to calm himself, Gordon could not suppress the sense that a similar attack had now reached into his home.As Gordon made a right turn, roughly three blocks away from Black Mesa office, his phone rang. “This is Gordon” he answered shortly as he always did. “Hi Gordon, this is Alyx” said the voice on the other end. Recruited straight out of college, Alyx Vance had risen fast in Black Mesa, and four years after her initial employment, had become head of IT and Security.
“This is not good” Alyx continued, “I trust you have noticed the blackout?”. Scoffing so loudly he almost spat straight out, Gordon replied back that it was hard not to have noticed,“What is it? Does it have anything to do with us and our equipment?” he asked Alyx and made another sharp right turn. No street lights made driving difficult, and Gordon had already twice narrowly managed to break in front of a pedestrian.
As he honked his horn, he heard Alyx on the other end “That’s just it, I can’t seem to get in contact with any of our smart grid devices. It’s like they don’t exist!”.All smart grid devices provided by Black Mesa had remote administration capabilities,that was one their benefits and what made their products superior to older technologies. No longer did field technicians have to travel long distances to re-configure or to turn on or off devices, but could do so remotely. Plus, each device was monitored from Black Mesa’s control and response department. Gordon was taken aback by Alyx’s comment, “What do you mean they don’t exist?”
Feeling both stressed and irritation growing, Gordon tried his best to remain calm, they needed a plan. “Alyx” he said, trying to sound as calm and authoritative as possible, “I need you to take one of our smart grid devices, it doesn't matter which one, and head over to the lab. If there is something wrong with it, perhaps we can figure out what it is,and maybe that is what is causing this blackout.”
Alyx was quiet for a long time over the phone, and Gordon could hear her steady breathing on the other end, “Do you really think we might be the cause of this blackout? But what about our inbuilt automatic fail safe system?”she finally replied. “I don’t know” replied Gordon “but right now, we can’t rule anything out.It is devastating as it is by us not being able to access our own devices remotely!”. Alyx said she was already at the office with one of the senior engineers, Judith Mossman, and would start figuring out what was the issue with the smart grid device. They hung up.
Department of Control and Response; in a Desperate Response, 00:15
At the same time, over at Black Mesa’s department of control and response, Wallace,Barney, and Dr. Valance were uncertain of what to do, as they stood watching over Wallace’s computer. “So, what is he doing right now? What is he waiting for?” said Wallace, seeing that the mouse had briefly stopped moving.
Barney reached forward and squinted at the screen to read the small label the mouse had just clicked on before remaining still, “He’s trying to reach the section breakers” he said. “What? He is switching them off? But this is connected to the circuit,” exclaimed Dr. Valance, “is he cutting the power?!”“This cannot be the IT guys”, thought Dr. Valance to himself in panic as he tried to take control over the computer.
But as he took the mouse, he quickly noticed that he had no control over it. He tried typing on the keyboard, frantically hitting ‘Alt+F4’ on it to close down the software, but soon realizing with horror that the phantom did not only steer the mouse of the computer, but had taken complete control over it. Feeling how panic took the better of him, he spun around to face Wallace and Barney who stood looking sheepishly at each other, and yelled in a voice sounding very different than his normal self “PULL THE CABLES!”
The two novices stood silently for a second, then burst out laughing, obviously this was just all a joke? But seeing the expression on Dr. Valance’s face, they quickly realized that it was not a joke, nor some maintenance errand from IT. They soon found themselves on the floor, scrambling around on all four pulling any cables they could reach. Feeling the pulse pounding, Dr. Valance knew they were already too late. Dozens of circuit breakers had already been opened, cutting power to many, if not all, of Black Mesa’s customers.
Losing Remote Control, 00:45
Pulling up on the parking lot, Gordon did not bother to park properly, but left his car standing diagonally over two parking squares as he ran into the building. Located on the furthers outskirts of New Mexico, it usually took Gordon an hour to drive to work, including traffic, to reach the small office building.
As he was hastily making his way into the building,in the direction of the test and development department, often simply referred to as the lab,Gordon thought back to when he had first founded the company in 2010 with a few tech savvy friends and a desire to be able to control and monitor electric power consumption. The market had been ripe, and it did not take long before they had gained their fist clients.
Offering both consumer and government grade equipment, and a 24/7 remote monitoring had made Black Mesa a popular choice. It had come as no surprise therefore when they had been selected to provide the west side of New Mexico with their smart grid technology. Having felt proud, Gordon now wondered if he had bit off more than they could chew. “It might not be us, it might still be just a blackout” he kept on telling himself, “the fact that there is a hiccup with the remote access could be just a bad coincidence.” But he found it hard to convince himself as he opened the door and entered the lab.
“You are not gonna believe this!” said the senior engineer Judith Mossman as soon as Gordon entered the lab. A technical genius, Judith was one of Black Mesa’s first employees and the brains behind much of their smart grid technology and remote system. “Listen to this”she exclaimed, “we use SSH to gain remote access to these devices, right, and we are running a small Linux kernel on it to manage all the I/O operations, OpenSSH, and...”, but Gordon cut her off “Please,” he said “in English?”.
Judith blushed slightly, “oh, sorry, of course”, and went on explaining that although Black Mesa’s devices used a cryptographic protocol, a default user setting had by mistake been introduced by a developer roughly four versions ago into the products operating system. “This means” she continued “that there has been an active user account with a default password on our devices for roughly six months, plenty of time for anyone to have brute force tested on the user.”
Gordon sighed, “You don’t make any sense,what is the key takeaway here?” Judith looked at him as Alyx, whom up till now had been standing quietly behind Judith, cleared her throat and said “it means someone has been able to connect to our smart grid devices remotely.”
The lab fell quiet as Alyx let the words sink in before she continued, “However, thanks to our inbuilt fail safe system, you can’t disconnect any of these devices from the circuit, only the response and control department can do that.So, I don’t think this is causing the blackout.” Alyx described that what the attackers had done, was to block out Black Mesa’s field technicians by removing their cryptographic SSHkey.
“The field technicians can only connect the devices to different circuits, not disconnect them. Only the response and control department can do that. It’s part of an inbuilt separation of duties.” Gordon looked at Alyx and asked “so, the hackers had no impact then? If they can’t disconnect any devices I mean?” Alyx nodded, “yes, in a way, but, it also means that,right now, we cannot reconnect any of our smart grid devices if they are disconnected from the control and response department. We will have to manually install a new version of the operating system on each and every smart device in order to restore the ability to do that.”
Time for Response, 01:00
The feeling of relief washed over Gordon. At least the blackout had not been caused by Black Mesa after all. “Alright,” he said, having regained his normal confidence, “this is very serious, someone has been tampering with the infrastructure! When can we have a patch ready, so that it does not happen again?” Judith was just about to reply when Gordon’s phone started ringing. “Hold on Judith, it’s Valance!”, and answered the phone. Alyx and Judith watched in surprise how Gordon’s expressions changed over the course of the phone call. In an almost metallic voice, Gordon addressed the room out loud as he put down the phone,
“I think we might have been the cause of the blackout after all... and I think we will need some expert help to understand what happened here tonight and make sure it won’t happen again.”
Reactions:
List
