35 
Hacks have been popping up all over the place recently. Facebook, Microsoft, Twitter, various news organisations. And off-shore oil rigs aren’t to be left out. According to the Houston Chronicle, more than one of the things have been “incapacitated” by malware that can be traced back to the Internet’s most common vices: pirated music and porn.
The Chronicle relays reports from unnamed cybersecurity professionals that indicate there are plenty of cases where these islands of Internet disconnection have been infected, “exposing gaps in security that could pose serious risks to people and the environment.” Conventional Internet isn’t readily available on rigs, but the malware still gets in, sometimes due to satellite downloads, or good old-fashioned USB-drive stashes.
Obviously malware is never a good thing, but experts seem to be worried about infection on rigs in particular as it could lead to something like “a well blowout, explosion, oil spill and lost human lives.” And the whole situation is made worse due to the fact that many rigs, apparently, have little to no standards in place to keep malware at bay. One of the professionals described a situation in the gulf coast this way to the Chronicle: “They literally had a worm that was flooding their network, and they’re out in the middle of the ocean.”
So far there haven’t been any real catastrophic events, and chances are the malware that’s screwing stuff up is just run-of-the-mill nuance-grade, gumming up the works. But if something was to be directly targeted at the rigs, things could be much worse. Maybe it’s time someone update that anti-virus software. [Houston Chronicle via The Next Web]
The Biggest Claw Game Plucks Oil Rigs from the Briny Deep
This Magnificently Detailed Lego Oil Rig Will Be Spitting Brick Gold in No Time
The Craziest Home Desktop Computer Rigs on the Planet
Please explain to me how pirated music can spread malware? Sound like anti-piracy propaganda to me.
Pirate sites, like porn sites are both popular and frequently cheaply put together. They also have to be less picky with who advertises on them because most companies don’t want to affiliate with them. So often a primary source for malware entering someone’s system is one of these ads. Gawker had a problem with a dodgy ad some time ago, and I’d hope they had a better system than most.
Then, the stuff is just passed around from person to person, or loaded onto a system to play on a big screen. It’s a bit like shagging lots of people, instead of minimising contact to only your wife.
DRM encoded MP3s can bring up a website that can start the infection.
Piracy and porn sites do not cause computers to be infected with malware, user stupidity does.
“Oooh there’s a message giving me a free iPad, must click on it”.
Users are and will always be the biggest security flaw in any system because they constantly do stupid things like clicking dodgy links. As someone who works in IT Support, I know this all too well.
Critical systems on a lot of rigs aren’t networked, or at least they aren’t supposed to be. And some of the systems for the more advanced stuff don’t even run windows. Also safety equipment that relies on a computer is usually again self contained or it has a physical back up. While it certainly poses a risk of increasing the chances of a serious accident its not a case of malware being capable of doing it single handed.
I was wondering about that, I would have thought that all crucial systems ran of a VPN, and would not be allowed to access anything outside of that, and that they would have had other systems for the crew to spend their leisure time with.
Two VLAN’s one for administration, one crew entertainment and a firewall sitting inbetween. then you have the production system sitting isolated with no connection to the other two networks or the ouside world. I have installed this a few times in the past.
AH ha awesome!
I can tell you personel experience there is a lot of this in the oil and gas industry, just a few months ago one of the largest supplier of LNG had to shut down its processing plant and administration systems for over two weeks due to a virus. they end up scraping every pc and starting again from scratch.