Computer Security for small utility systems
By: Robert H. Walker
FW & PCOA
The purpose of this article is to assist the small water and wastewater operator in adding a layer of security to their computer and Internet systems.
Small plant operators must wear many hats to run their systems. Some one running a small plant must be an operator as well as the maintenance department and plumber and a host of other jobs. A small system operator must do it all and be a jack of many trades.
In a large city, one would have separate departments for the various functions that go on at the plant. A large utility would have a system administrator for their information technology or computer department. This would entail someone that is not only familiar with security issues for the computer, but is a specialist in the field. A small plant operator would not have the luxury of having such specific expertise at their disposal. I will gear this information for windows based systems, as they are the most popular among small utilities. This information would also apply for home-based computers.
If you have a scada system for your plant, you would not want it tied into the Internet. A dedicated and separate scada system would be much more secure.
Just as an air gap in a cross connection control system is the most effective method of controlling unwanted flow, so a separate dedicated computer with no Internet access would be much less vulnerable to outside attack.
We hear much on the news about computer viruses, worms and Trojan horse programs. For the purpose of this article we shall ignore the specific differences between them. Just know that the creators of these malicious programs wish to damage your computer or steal your information. Viruses and worms are designed to duplicate themselves until your computer will not longer function properly and it shuts down. This is like having your elevated storage tanks continue filling with water after they are already full to capacity. A virus is merely a set of instructions for the computer to perform certain functions that are unwanted.
A Trojan horse refers to the Greek story of the soldiers from Troy that hid inside the wooden horse and unleashed them selves upon the unsuspecting city. The people thought that they were getting a present and they got something that they neither expected, nor wanted. Such is the case with a Trojan program, you may think you are at a website getting a free present and you download a program, like the file or music sharing programs, and you can get a Trojan horse that could give control of your computer to an outsider.
There is a group called the Cult of the dead cow and they have a Trojan type program called “black orifice” that is designed to give someone else control of your computer. An outsider could steal your identity that is stored on your system or maybe your banking information, if you had “black orifice” running on your system. They could also use your computer to send out unsolicited advertisements or Spam, as it is commonly known. Imagine if someone at their water plant had this on a scada system that was connected to the Internet. Someone could have the system overdose fluoride or some other chemical and disable the alarms. This is a worse case scenario of course, and to date has not happened here, to my knowledge.
The best way to prevent an unwanted virus or Trojan from getting on your system is to make sure you have an anti virus program on your computer. The 2 most popular home use anti virus programs are Norton and Macafee. If you have an anti virus program on your computer, it must always remain running to be effective. New viruses are being written everyday and these programs have a library that look for these messengers of doom on your computer. You must configure the anti virus program to accept updates to keep the protection current and ensure that the library is up to date. You could also be very careful about opening attachments and running programs that you are unsure about. If you are unsure about how to do this, you could use the help file that comes with the program or ask someone that is competent with computers.
Many people will tell you to not open attachments for people that you do not know. You must also be aware that just because you know the person sending you an attachment, does not make it automatically safe. Their computer could be infected with a virus that replicated itself and mailed you a copy.
I have a small Internet service business and I created my own websites, so computer security is a serious issue to me that I had to learn. I have had very good luck with Norton anti virus and I have used it for years. I know other people that have used Panda or Macafee and have had good results. I do not believe the brand is not as important as having current protection on your system. I have no commercial interest in any software company, just so you know.
The next installment of this article will cover hacking and firewalls.
Robert H. Walker is employed at South Martin Regional Utilities in Hobe Sound Florida and has a double C license in water and wastewater. He took computer science at Palm Beach Jr. College and has a Bachelors degree in religious education. He does website development for his own personal service business
Computer and Internet Security:
Spyware
By: Robert H. Walker
Veolia Water NA
South Martin Regional Utilities
In this installment of the computer security articles, I shall cover what is known as spyware, scumware or ad ware. What exactly is spyware and what does it do? Spyware, scumware or adware is a computer program, a set of instructions, that loads onto your computer and reports information gathered from you and your system to an information point controlled by an outside entity. In other words, this spyware program will run in the background on your computer and report to an outside source your Internet activities. This is usually done without one’s knowledge and the potential for danger is very great. Now you know why it is called spyware, as it will use your own computer to spy on you. This is often known as the “dark side” of the Internet and it is, in my opinion, a greatly underestimated threat to the Internet community in general and the utilities specifically.
Who would be interested in learning of your Internet habits? Advertisers, in a word, are the answer to that question. Have you ever looked at something on the Internet that you were considering purchasing? Soon, you had a deluge of emails offering to sell you the same type of item that you were looking to purchase. Coincidence? I don’t think so. Did you ever wonder where those advertisers got your email address? You mailbox full of offers to purchase various items and or services and you wondered how in the world did they know your email address and how to contact you? Well now you know about the world of spyware and what it is capable of doing.
Spyware is usually bundled in with “free programs” such as games and file or music sharing programs as well as screensavers. Advertisers will pay the websites that provide such services for the information gathered from your Internet search habits. These programs are often just a nuisance and will tie up your computer’s resources. It will use your computer’s processor and memory to spy on you and report to its creator. If you notice that your computer is running sluggishly or freezes up, spyware is very likely the cause of your problems. Microsoft and Bill Gates get much of the blame for windows based computer that freezes up, but spyware is the culprit more often than not.
When someone tries to download a “free program” off the Internet, the creator of the programs, may have you read and accept an agreement. You should take 5 minutes to read the agreement and understand that you are accepting a program designed to spy on you and may cause your computer to freeze up or run slow.
Some websites, it is alleged by some, will download these pernicious programs with out an agreement being signed. This is enabled just by visiting websites that
Exploit certain security flaws in windows based systems.
These spyware programs can be hosted on an overseas website, and even if there were laws in the U.S. against these programs, they would be difficult to enforce. Congress is considering legislation to control these programs. I have heard that advertisers spend about 2 billion a year over the Internet. If you do not know what a billion is, do not worry, I do not believe than many in congress know what a billion is either. If the USA had one million dollar bills then a billion would take a thousand of these million dollar bills.
There are programs known as keystroke loggers that log or record your keystrokes or the typing that you do on your computer. These keystroke programs record everything that you type and can report it without your knowledge. This would be very useful to someone that wanted to steal your bank account and password information. It could be used for identity theft and then be used to open up credit accounts in another person’s name. Spyware could potentially use such technology to do this or gain access to a utility’s computer system for cyber-terrorism. Can you imagine if someone had access to the utilities systems computer passwords?
So what can we do to clean up our computers from the scourge of spyware?
There is a company known as Lavasoft and they make a program called
“ad aware” and it is free for home use. Utilities can get a commercial version for a reasonable price or ask for lavasofts permission for the free version. It scans your computer for known ad ware or spyware and removes it. You can use a major search engine, like google, and search for their website and then download it. Make sure that you get the updates and scan your system and you maybe amazed at how much junk you will find on your computer.
There is another wonderful program that I use called “spyware blaster” and it is put out by javacool and you can find it at the major geeks website and other places if you do a search for it for any major search engine. I like this program as it actually prevents spyware from loading onto your computer. Make sure that you get the updates and that you activate them. The help files that come with this program are very useful to acclimate you to running this program.
There is another great spyware killer called “spybot – search and destroy” and it may be found, along with many great utility programs, on the major geeks website. If you download these free programs and get the updates and scan your system regularly you may notice quite an improvement with your systems performance. You may notice that free programs that you downloaded will cease to function with the spyware removed.
Spyware is potentially a very serious threat and almost nothing is done prevent it.
The technology exists right now for severe damage with these types of programs.
We are just very fortunate as of now that advertisers only wish to make money on our Internet buying habits. In the wrong hands, spyware could prove to be a grave danger to essential services. It could be difficult to “prove” to a jury that a cyber crime was committed given the complexity of these programs.
useful links
http://www.lavasoft.com/
http://www.majorgeeks.com/
spybot
http://www.javacoolsoftware.com/spywareblaster.html
http://www.microsoft.com/athome/security/spyware/software/default.mspx
http://www.download.com/SpywareBlaster/3000-8022-10196637.html
Computer and Internet security for small utility systems
Part 2: Firewalls
By Robert H. Walker
FW & PCOA
A large city’s information technology department, which is in charge of the computer network, would insure that their system has adequate security. A small utility would not have access to this specialized computer expertise. So the focus of this article is to assist small utility operators using windows operating systems and this information could be useful for home users also.
In this segment of the computer security series, we shall discuss firewalls; what they are and do. A firewall is likened to a wall of fire that burns up and destroys attempts by hackers to gain access to a computer system. A firewall is a system that should block attempts by unauthorized users to gain access to your computer system while you are connected to the Internet.
A hacker is an unauthorized electronic trespasser that attempts to gain access to your data and / or control of a computer system. Hackers probe the Internet for unsecured computers and opportunities to steal your personal information or they may attempt to do damage to your system. In the case of a water utility, a hacker could close a valve that should be open, such as against a pump that is running. A hacker could also overfeed a dangerous chemical or disable alarms and wreck havoc with your system in a variety of ways. In the present climate of cyber terrorism we can never be too careful to secure our utility systems.
Firewalls are of 2 basic configurations, hardware and software;
Hardware is so called due to the fact that it has an actual presence that you can physically feel, like a computer keyboard or mouse. Hardware firewalls are built into routers that allow several computers to share Internet access and printers.
A router acts like a traffic cop directing (information) traffic into and out of an (internet) intersection. You can usually hook up to 4 computers into a single high-speed Internet access point like DSL or a cable broadband connection with a small system router.
The router’s hardware firewall acts like a doorman in a high-rise building. When a hacker gets to a router, he has literally thousands of choices, of what seems like rooms to try to break into, and he encounters many locked doors that lead nowhere. A router is absolutely essential to a computer that is always connected to the Internet. This should be your first line of defense and one needs many layers of security to protect our plants and our citizens’ health and safety.
A software firewall is a program that runs on your computer that should stop attempts to break into your system electronically. Software refers to a set of instructions on your computer that you are not able to physically touch. The XP version of windows has a decent firewall that is bundled into the operating system. You should configure it to be in the run mode, if you do not plan on adding another firewall. You can configure your system to have a router’s hardware, as well as computer resident software firewall for an added layer of security. Two firewalls are better than one, and they should not interfere with each other’s operation.
There are many fine companies that sell very good firewalls for a reasonable price of around for small users. There are even some free versions of firewalls for private home use that are very good.
An example of a very good firewall, free for personal use, is zone alarm. I have used this for years and I have had very good luck with it. It has what is known as a “stealth mode” and it helps to make your computer invisible to hackers while you surf the Internet. If a hacker cannot see you then they cannot break into your system. Zone alarm asks for your permission to grant access to programs trying to gain access to your system as well as asking for permission for a program trying to call out from your computer. If you did not request the program to work or if you do not know what the program is you could deny access to it and prevent it from running. A hackers program could steal your banking password and yet if you prevented it from calling home with your personal data, then your information would not be compromised. This is a very useful feature to have in a firewall and I would recommend it to anyone.
There is a company called Tiny’s that has a professional firewall that is very good as well. It has a feature that allows you to trace attempted break-ins and will give you the address of where they are located. I had Tiny’s for a while as a free version and I used it to protect my service business. I had many attempts to break into my computer and the bulk of the attempts originated from red China. China is a communist closed society and the people just do not have free access to computers and the interment. I wonder how many of the hacking attempts are sanctioned by the Chinese military as training for cyber warfare?
The US military had a group of programmers that they called the Tiger team and the purpose of this group was to attempt to break into the U.S. military’s computer systems. This group was given access to what was called the front door or rather they were let into the first layer of security. They learned what worked and what did not and what changes were needed to secure the military’s systems. They were given a cash bonus, if they were able to break into the military’s computer system and they tried their best to do so. If our best hackers were unable to access our own systems, then the enemy should be unable to break into our system. This was a program that was carried on during the cold war and I am sure it is in some form even today.
Linksys is an example of a home and small business router maker, which was recently acquired by Cisco, the giant of commercial router systems. It has been said that Cisco routers power the Internet and I would not argue that statement.
Routers connect computer systems to one another and they need security to keep malicious programs from infecting one another. Malicious programs called worms infect computer systems connected by routers and they can clog up the Internet traffic and shut down systems, but this would generally not affect small utilities or home users. One can generally purchase a router any place that computers are sold.
Computer and Internet Security:
Conclusion
