Windows Virus Threatened Australian Power Grid - Linux to the Rescue!


Marlin Guy
10-05-09, 12:35 PM
http://www.theinquirer.net/inquirer/news/1556944/linux-saves-aussie-electricity

QUICK THINKING open sourcerers might have saved an Australian power supply system after its electrical grid control room network got infected with a virus.

A Windows virus hit the networks of Integral Energy and, according to a submission to Slashdot, the virus managed to spread to the operator display consoles in the control room.

Quick thinking techies in the control systems department of the utility swapped the infected Windows boxes for machines running Linux that they were using for development.

The move prevented the virus from taking over all the operator displays in the control room.

Full story via link above

FHSPSU67
10-05-09, 01:55 PM
http://www.theinquirer.net/inquirer/news/1556944/linux-saves-aussie-electricity



Full story via link above

This is the same kind of environment I worked in before I retired. We (the technical people) fought (and lost) for private proprietary S/W and networking due to what can happen in just such a scenario. Scary, to say the least.

LarryFlowers
10-05-09, 01:57 PM
Don't blame the Windows PCs for the utility's failure to update their virus definitions.

The virus in question, W32.Virut.CF, has been in the wild for a long time, and virtually every antivirus has had protection in place since last February.

The fact that a major utility was running computers with anti-virus definitions that were more than 10 months out of date speaks to an almost unforgivable level of IT incompetence.

No doubt the open source fanboys will use this as a rallying cry. What they won't tell you is that no one bothers to write viruses to infect PCs with an almost nonexistent operating system.

kfcrosby
10-05-09, 02:26 PM
It's not just Windows, folks. This article "Lazy Linux sysadmins (http://www.theinquirer.net/inquirer/news/1557303/lazy-linux-sysadmins-systems-insecure) make systems insecure" proves that it is always the weakest link in the chain that breaks, no matter what environment you are in.

BattleZone
10-05-09, 02:58 PM
Actually, they do. There ARE Linux viruses.

But you are exactly right about it being an IT failure, and nothing inherent in Windows.

Users HATE security, and scream loudly when it is implemented, because they want to be able to install their own software, copy files to and from their USB drives, check their MySpace/Facebook/Twitter pages, and download "free" games, etc. None of these things are necessary for a power utility to operate, but it's human nature. Microsoft greatly increased the security in Vista, but huge numbers of people purposely disabled chunks of it because they don't want to be bothered.

I worked for 2 large companies who didn't have their act together with regards to antivirus software. In both companies, it took a major infection to make it important enough to upper management that their IT departments get it right, before they got set up with a single, working antivirus solution.

Marlin Guy
10-05-09, 03:50 PM
Don't blame the Windows PCs for the utility's failure to update their virus definitions.


I saw that one coming when she rounded the bend at Jupiter. :lol:

That really is getting to be the tired old excuse for Windows shortcomings, isn't it?
How fresh does a virus have to be to count?
A day?
An hour?
A minute?

Results are the same either way.
I've seen fully updated and properly configured AV installations allow infections to slip right by them.
Sure, they'll pop something and say, "Oh Look! We just let a virus in!"
Helpful stuff. Very helpful. :nono2:

Tom Robertson
10-05-09, 04:07 PM
I saw that one coming when she rounded the bend at Jupiter. :lol:

That really is getting to be the tired old excuse for Windows shortcomings, isn't it?
How fresh does a virus have to be to count?
A day?
An hour?
A minute?

Results are the same either way.
I've seen fully updated and properly configured AV installations allow infections to slip right by them.
Sure, they'll pop something and say, "Oh Look! We just let a virus in!"
Helpful stuff. Very helpful. :nono2:

Hmm... Seems you have an ax to grind regarding Windows.

In this case, someone 10 months out of date on any OS antivirus detections is begging for trouble.

And allowing a vital control computer direct access to the internet is stupid trick #2.

How many mistakes do the administrators have to make before you blame them before the OS??? 1, 2, 10? :)

The first virus I ever saw personally was a Mac trojan. (I knew of mail bombs before that, but never actually saw them.)

At this point, all operating systems have their vulnerabilities. Every one. Windows only appears to be the worst because it is so ubiquitous. Real programmers go after it, writing the scripts the "script kiddies" use. Reverse Linux for Windows, the script kiddies would have scripts for Linux. (Actually they do... smurf was an oldie but a baddie.)

Cheers,
Tom

dennisj00
10-05-09, 05:01 PM
The fundamental problem here is any box used in a critical control system should not be connected to a network that's connected in any way to the internet without several layers of isolation. No USB flash drives, no floppies, no surfing, no CDs/DVDs, no IM, no email on the critical network, and secure, hardened boxes whatever the operating system.

Zellio
10-05-09, 07:06 PM
Actually, they do. There ARE Linux viruses.

But you are exactly right about it being an IT failure, and nothing inherent in Windows.

Users HATE security, and scream loudly when it is implemented, because they want to be able to install their own software, copy files to and from their USB drives, check their MySpace/Facebook/Twitter pages, and download "free" games, etc. None of these things are necessary for a power utility to operate, but it's human nature. Microsoft greatly increased the security in Vista, but huge numbers of people purposely disabled chunks of it because they don't want to be bothered.

I worked for 2 large companies who didn't have their act together with regards to antivirus software. In both companies, it took a major infection to make it important enough to upper management that their IT departments get it right, before they got set up with a single, working antivirus solution.

Is it also human nature to leave your door open and run in the middle of an intersection?

I'd shy away from saying 'human nature is acting like a complete idiot!'. I LOVE security. It's proaction. What you are referring to are people who are dumb, only live for today, don't care what happens to them, and don't think that there will be any consequences.

And that describes corporations, and why a lot of them are doing badly. Corporations today don't try to build a company, they live for the next quarterly earnings.

The Merg
10-05-09, 07:29 PM
Results are the same either way.
I've seen fully updated and properly configured AV installations allow infections to slip right by them.
Sure, they'll pop something and say, "Oh Look! We just let a virus in!"
Helpful stuff. Very helpful. :nono2:

That might happen, but it is far less likely than for the person who has outdated or no AV software. On the side I work on repairing computers and cleaning them off. One of my most common jobs is cleaning viruses off of a computer. And in every case, the user either had no or expired AV software. They were just waiting to be infected.

- Merg

wingrider01
10-06-09, 06:39 AM
I saw that one coming when she rounded the bend at Jupiter. :lol:

That really is getting to be the tired old excuse for Windows shortcomings, isn't it?
How fresh does a virus have to be to count?
A day?
An hour?
A minute?

Results are the same either way.
I've seen fully updated and properly configured AV installations allow infections to slip right by them.
Sure, they'll pop something and say, "Oh Look! We just let a virus in!"
Helpful stuff. Very helpful. :nono2:

Would suggest you start researching and review the CERT bulletins that are available; you would be amazed at what security issues on alternate OSes never hit the 5th estate publicity monger sites because the distribution is just too small to meet their minimum criteria for outrage value.

Plain and simple, it is stupid and criminal for ANY organization to allow their virus definitions to be out of date. Policy on my systems is: if the server that pushes the virus definitions to all the computers on the network misses 2 consecutive attempts at pushing an update, the machine is removed from the network automatically and the MAC address is banned until it can be looked at. For end users it is just plain stupid.

As you so happily quote, this is getting to be an old, tired argument for the "assumed qualities" of other OSes outside of Windows. The only correct definition of a secure system is one that has no outside connections; this includes network, floppy drives, USB keys.
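
The "two consecutive missed definition pushes, then quarantine" rule described in the post above, sketched as an added example. It is not part of any post in this thread and is not that poster's actual system; the log format, host names and MAC addresses are constructed, and the output is only a ban list to hand to whatever switch or NAC tooling a site uses.

```python
from collections import defaultdict

MAX_CONSECUTIVE_MISSES = 2  # threshold stated in the post

# Constructed sample log, assumed chronological.
# Assumed format: "<timestamp> <mac> <host> <OK|FAIL>"
SAMPLE_LOG = """\
2009-10-05T02:00 00:16:3e:aa:00:01 hmi-console-1 OK
2009-10-05T02:00 00:16:3e:aa:00:02 hmi-console-2 FAIL
2009-10-05T02:00 00:16:3e:aa:00:03 eng-laptop-7 FAIL
2009-10-05T14:00 00:16:3e:aa:00:01 hmi-console-1 OK
2009-10-05T14:00 00:16:3e:aa:00:02 hmi-console-2 FAIL
2009-10-05T14:00 00:16:3e:aa:00:03 eng-laptop-7 OK
2009-10-06T02:00 00:16:3e:aa:00:03 eng-laptop-7 FAIL
malformed line that should be skipped
2009-10-06T02:00 00:16:3e:aa:00:02 hmi-console-2 OK
"""


def evaluate_push_log(log_text, threshold=MAX_CONSECUTIVE_MISSES):
    """Return (quarantined, skipped_line_numbers) for a definition-push log."""
    misses = defaultdict(int)   # MAC -> current run of failed pushes
    quarantined = {}            # MAC -> host and time the threshold was hit
    skipped = []                # unparseable lines, kept for operator review
    for lineno, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            skipped.append(lineno)
            continue
        ts, mac, host, status = parts
        mac = mac.lower()
        if mac in quarantined:
            continue            # stays banned until someone has looked at it
        if status == "OK":
            misses[mac] = 0     # a successful push resets the run
            continue
        misses[mac] += 1
        if misses[mac] >= threshold:
            quarantined[mac] = {"host": host, "since": ts}
    return quarantined, skipped


if __name__ == "__main__":
    banned, bad_lines = evaluate_push_log(SAMPLE_LOG)
    for mac, info in banned.items():
        print(f"quarantine {mac} ({info['host']}) since {info['since']}")
    print("unparsed log lines:", bad_lines)
```

A host that fails, succeeds, then fails again is not quarantined because the misses are not consecutive, and a later successful push does not lift a ban already in place.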