Friday, May 12, 2017

FirstNet -- AT&T is opening the door for Stuxnet and WannaCry?

We hear a lot of conversation surrounding AT&T’s ability to carry First Responder networks nationwide, to include the 6 territories. It may be just me, but how does this proposed solution secure the PSBN network, let alone its entire ecosystem of applications, especially NG-911? How will the entire electrical grid be safe? The transportation networks? Our call centers for 911 services? Our hospital systems? Or even a pacemaker?

One of the safest aspects of our electronic voting system is its disparate and separate parts. Every State, every city, every precinct is dissimilar to its neighbor. Why, you ask? Because such a detached and dispersed system ensures the safety of the overall solution. You can’t just walk into one voting precinct and infect one machine to infect all of them – they aren’t connected centrally. How will a centralized solution using AT&T’s commercialized network of interconnecting systems all over the nation, and connected to the rest of the planet, make our public safer? Our nation safer? It doesn’t.

The Stuxnet virus that took down the Iranian centrifuge program started as a common adware infection of one laptop computer. Once that laptop connected to its parent network within Iran’s nuclear facilities, the virus targeted the Siemens controllers of the centrifuges through their simplistic SCADA protocol. Even though the Iranian nuclear network was supposedly private and isolated, that laptop had offsite access to the commercial Internet. One simple click on an ad or a hyperlink in a document doomed the entire centrifuge system. The AT&T solution is really no different. In fact, AT&T’s network makes such an infection even easier, because it’s a commercialized open network designed for complete and centralized control. The entire world is connected through the well-established open architecture of the Internet, which gives a Stuxnet-style virus a path to cause even worse damage than just centrifuges. Every computer on the planet is interconnected with AT&T’s commercial network.

The military figured this out long ago. In order to make its networks safe, it had to either completely hide them in plain sight or create a totally private and isolated network. They chose the isolation path. The entire network (SIPRNET back in the day) is isolated from all commercial networks. The only way to connect to it is through knowledge of its existence and a specific secure thumb drive or laptop. That’s a simplified exaggeration, but you get the drift. On the DoD’s secure network you can’t just walk up to a remote cell site, break the chains, enter the hut, and place an infected thumb drive into networked equipment so you can infect the entire system.

The entire commercial system, by design, is created to allow network traffic to flow homogeneously throughout the entire network. When you place a call, establish your internet connection in the airport, or get on your wifi at home, it’s all networked through the packetized open architecture of the Internet, all driven and supported by the commercial architectures of – you guessed it – the commercial carriers.

The security for the commercial networks lies within the application layers of the network, not the physical aspects. Go to a coffee shop and open up your network connection list, and you will see both private and open wifi networks. Just the fact that you can see the private or open networks gives you a point of breach to any network on the commercial system. Yes, you can isolate a certain coffee shop, but you can’t isolate the entire commercial network. There will always be another open wifi connection at another coffee shop somewhere. The point is that if you use the Internet, you will be interfaced into the very same infrastructure that our First Responders will be utilizing. A nicely placed adware virus, like Stuxnet, could potentially take down an entire NG-911 system in a State and hold it for ransom – or worse yet – create a national disaster or terrorist attack. Why? Because the Public Safety Broadband Network being proposed by AT&T and FirstNet will rely upon the very same commercial architecture that allows for open access to the entire planet – it’s all commercial. I don’t care how much you try to protect the network, isolate traffic, or control physical access at a COG – it only takes one laptop targeting a SCADA interface to a tower light to infect the entire nationwide network.

The beauty of Stuxnet, and what makes it so dangerous, is that through a supposedly secure laptop, the virus was able to target a specific supervisory protocol (SCADA) that is not monitored by most network management or deep packet inspection tools heavily utilized in the commercial space. Who monitors a piece of code that tells a hardwired box to turn off and on? How do you isolate against a simplistic piece of code that specifically targets a system that blasts its traffic to all nodes? Do you know how many garage doors these days are connected to the Internet through a home wifi network? Do you know how simplistic the SCADA code is for that garage door opener, which also happens to use an unregulated RF frequency? The best and only way to ensure some form of safety from such a virus is with a closed system like the military uses: a system that is physically separate from the commercial space, or from any network that can be accessed by the uncleared population. Why do you think Congress gave the spectrum to Public Safety and not the carriers? Well, because they realized that Public Safety needed to have its own private and isolated network of control -- just like the military. Giving the spectrum to AT&T and then hopping onto their existing commercial infrastructure is not a good idea, and I think they realized this as fact.
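The gap the last two paragraphs describe, supervisory traffic that nothing on a commercial network watches, has a defensive counterpart: a segmented public-safety network can at least alert the moment a host outside the operational enclave issues a state-changing command to a controller. The following is an added example and not code from this post, from AT&T or from FirstNet. It parses the public Modbus/TCP framing (TCP port 502) to pick out write function codes, treats any Siemens S7 session on TCP port 102 the same way, and raises an alert when the source lies outside a hypothetical allowed engineering subnet (10.10.1.0/24). The flow records at the bottom are constructed for the example, not captured traffic.

```python
"""Flag supervisory-protocol write commands from hosts outside the OT enclave.

Added illustration for the blog post above; the allowlist, hosts and frames are
constructed examples, not data from the post.
"""
import ipaddress
import struct

MODBUS_TCP_PORT = 502
S7COMM_TCP_PORT = 102  # ISO-TSAP, the transport Siemens S7 controllers listen on

# Modbus function codes that change controller state (public Modbus spec).
MODBUS_WRITE_FUNCTIONS = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
}

# Hypothetical allowlist: only the engineering workstation subnet may drive PLCs.
ALLOWED_SOURCES = [ipaddress.ip_network("10.10.1.0/24")]


def parse_modbus_tcp(payload: bytes):
    """Return (unit_id, function_code) from a Modbus/TCP frame, or None if malformed.

    MBAP header: transaction id (2), protocol id (2, always 0), length (2),
    unit id (1); the PDU then begins with the function code (1).
    """
    if len(payload) < 8:
        return None
    _txn_id, proto_id, length, unit_id, function = struct.unpack(">HHHBB", payload[:8])
    if proto_id != 0:
        return None
    if length != len(payload) - 6:  # length covers unit id + PDU
        return None
    return unit_id, function


def classify_flow(src_ip: str, dst_port: int, payload: bytes):
    """Return an alert string for traffic a segmented OT network should never see, else None."""
    src = ipaddress.ip_address(src_ip)
    allowed = any(src in net for net in ALLOWED_SOURCES)
    if dst_port == S7COMM_TCP_PORT and not allowed:
        return f"S7comm session from non-OT host {src_ip}"
    if dst_port == MODBUS_TCP_PORT:
        parsed = parse_modbus_tcp(payload)
        if parsed is None:
            return f"malformed Modbus/TCP frame from {src_ip}"
        unit_id, function = parsed
        if function in MODBUS_WRITE_FUNCTIONS and not allowed:
            name = MODBUS_WRITE_FUNCTIONS[function]
            return f"{name} (fc {function}) to unit {unit_id} from non-OT host {src_ip}"
    return None


# Constructed sample flows: (source ip, destination port, first payload bytes).
SAMPLE_FLOWS = [
    ("10.10.1.5", 502, bytes.fromhex("0001000000060105000aff00")),    # engineering WS writes coil 10: allowed
    ("192.168.50.7", 502, bytes.fromhex("0002000000060105000aff00")),  # office laptop writes coil 10: alert
    ("192.168.50.7", 502, bytes.fromhex("000300000006010300000001")),  # office laptop reads a register (fc 3): no alert
    ("172.16.9.9", 102, b""),                                          # S7 session from outside the enclave: alert
]


def run(flows=SAMPLE_FLOWS):
    """Evaluate every flow and return the list of alerts raised."""
    return [alert for alert in (classify_flow(*flow) for flow in flows) if alert]


if __name__ == "__main__":
    for line in run():
        print("ALERT:", line)
```

The allowlist does the real work here: the parser only tells you that a frame is a write, while the enclave boundary tells you whether that write had any business existing. In a deployment the allowed subnet would come from the enclave's asset inventory, and the check would run on every frame of a session rather than the first one.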

AT&T’s solution for FirstNet is a disaster just waiting to happen. I mean, if I were a blackhat hacker, I would be drooling for the day I could get a small piece of code, using Metasploit, to infect any First Responder’s open-access smartphone, just so I could watch the local fire station go bananas with false calls, or maybe take down a COG, or better yet hold them for ransom. How about taking control of the Emergency Alert System? The EAS systems have been around since the forties. What if I were to create a small Raspberry Pi device to connect to the fire station’s wifi? How about infecting their garage door, then targeting a specific 911 application with a very simple acknowledgment command?

AT&T is boasting about how it will enable a fast solution to connect First Responders across the nation, but it fails to realize, or maybe it does realize, that the entire solution it is proposing is in fact riding an open architecture. I just hope the States understand how much of a security risk this will be for their citizens. The only way for the Nationwide First Responder Network to be safe, or at least safer, is by opting out of FirstNet and creating their own isolated solution. We can’t deploy all of our national assets of First and Secondary Responder solutions on the open architecture of the commercial networks – it’s just asinine. I mean, we aren’t even talking about the secondary responders that will interface with our transportation networks, our utility grids, and/or our hospital systems.

But what the hell do I know, I’m…

Just some guy and a blog…..
