Slammer worm infects nuclear power plant systems


Son Goku
08-20-03, 07:50 PM
It wasn't just home users...but on the critical side of things, the slammer worm infected the computer systems at a nuke plant in Ohio, having taken the safety monitoring system off for 5 hours. I suppose the next question that should be asked is was Microsoft software actually in use in a nuclear power plant (or did it get it from 3rd party software that incorporated vulnerable M$ code). And if they did, why would someone depend on Microsoft for something as critical as nuclear power plant safety? A BSOD could be an annoyance for a home user, but in a nuclear reactor...the effects could be more critical (same with an intrusion through a security vulnerability).

http://www.theregister.co.uk/content/56/32425.html

At least as noted in this case, the plant was offline at the time (due to other problems) and it had an analog backup...which is unaffected by the worm. In this case that is...

BTW, reading further down (long article, reason I didn't quote it), the nuclear power plant was using MS Windows servers, and hadn't patched at least one of them with the MS SQL patch.

Riptide
08-20-03, 07:55 PM
Yeah, WTF is a nuclear power plant doing running MS software??? :)

Seems to me the most secure way to run it would be to code custom software to take care of it so the more widely used stuff (ie, hacked) is out of the picture.

1stFlight
08-20-03, 10:08 PM
Originally posted by Riptide
Yeah, WTF is a nuclear power plant doing running MS software??? :)

Seems to me the most secure way to run it would be to code custom software to take care of it so the more widely used stuff (ie, hacked) is out of the picture.

That was my first question too...

F#CK... how many nuke plants are running this unstable ****???? A Blue Screen of Death may literally mean that one day!!!

UDawg
08-20-03, 11:44 PM
Originally posted by 1stFlight
That was my first question too...

F#CK... how many nuke plants are running this unstable ****???? A Blue Screen of Death may literally mean that one day!!!


LOL! I thought the same thing. I can just see the engie frantically Ctrl-Alt-Delete over and over.

Son Goku
08-21-03, 01:59 AM
By 4pm, power plant workers noticed a slowdown on the plant network. At 4:50pm, the congestion created by the worm's scanning crashed the plant's computerized display panel, called the Safety Parameter Display System.

An SPDS monitors the most crucial safety indicators at a plant, like coolant systems, core temperature sensors, and external radiation sensors. Many of those continue to require careful monitoring even while a plant is offline, says one expert. An SPDS outage lasting eight hours or more requires that the NRC be notified.

At 5:13pm, another, less critical, monitoring system called the "Plant Process Computer" crashed. Both systems had redundant analog backups that were unaffected by the worm, but, "the unavailability of the SPDS and the PPC was burdensome on the operators," notes the March advisory.

Currently, U.S. nuclear plants generally have digital systems monitoring critical plant operations, but not controlling them, said the expert. But if an intruder could tamper with monitoring systems like Davis-Besse's SPDS, which operators are accustomed to trusting, that could increase the risk of an accident.

Moreover, the industry is moving in the direction of installing digital controls that would allow for remote operation of plant functions, perhaps within a few years, if the NRC approves it. "This is absolutely unacceptable without drastic changes to plant computer networks," says the expert. "If a non-intelligent worm can get in, imagine what an intruder can do."

What are these people going to have to do? Have a Chernobyl or 3 Mile Island result from a worm infecting an MS Windows system before they realize that MS Windows isn't exactly reliable or secure enough to be trusting the safety of a nuclear power plant on? If they don't look into better software, I should shudder to think what could happen when a system that can be so compromised will be put in charge of running (and not just monitoring) these plants.

Darth Rancid
08-21-03, 02:32 AM
Windows in the control systems of a reactor is in itself bad... but... and this is more important:
WHY THE HELL WAS THERE A PHYSICAL CONNECTION BETWEEN CONTROL SYSTEMS NETWORK AND THE INTERNET!!!! :(

No matter what OS you run in your control system, it MUST be un-hackable from the outside, and that will only be the case if there is no connection to the outside.