This morning Horst Sinderman, facility manager for the Intershop Meat Plant in Delano GA, announced that the facility would be shut down for at least a week. “Starting with the 11 to 9 shift today we are in an unplanned maintenance shutdown through next Thursday,” Sinderman told reporters; “In accordance with our employee contracts, we will be paying all hourly employees at the standdown rate.”
When asked about the reason for the shutdown, Horst explained that the facility’s wastewater treatment plant had experienced control system issues last night and the processing systems had to be shut down. “Since we cannot process our wastewater, we cannot continue the operation of the facility,” Sinderman said. Sinderman insisted that the computer problems were not the result of a cyberattack on the facility or ransomware but would not go into details about the problem.
A team from Dragonfire Cyber was seen entering the plant early yesterday evening, but there is no comment from company spokespersons about what the team was doing. “We do have a team on site helping Intershop with their control system issues,” Kate Libby, a Dragonfire spokesperson, told reporters; “I can confirm that the problems they are experiencing are not the result of outsider actions.”
An Intershop employee who was not authorized to speak with the press told me that the problem was due to actions taken by the facility IT team in response to a Water ISAAC alert. “It was something called BadAlloc,” the employee told me; “The IT people installed an update and the whole system crashed.”
I asked Gen Turgidson about this BadAlloc problem at this morning’s press briefing at the National Critical Infrastructure Security Operations Center (CI-SOC). “I do not know anything about the specific problems at Intershop, but I can tell you that we are very concerned about the BadAlloc vulnerabilities that many control systems face.” He went on to explain that these vulnerabilities affect a number of real time operating systems. “Exploits of these vulnerabilities could lead to unexpected behavior such as a crash or a remote code injection/execution.”
Turgidson went on to explain that many of the affected operating systems do have new versions that are unaffected by the BadAlloc vulnerabilities. When I asked if installing one of these new versions could result in a system crash, Turgidson said that that would depend on a number of things. “We always suggest that updates be tested on off-line systems before being installed on operational systems,” he explained; “Every control system is a unique entity, and no one can predict the interactions between all of the active components of the system.”
No comments:
Post a Comment