The South Carolina Geodetic Survey

1
(No Transcript)
2
Requirements of a Network

• Good working relationship with IT
• Secure location for antenna and receiver
• Uninterrupted power
• Capability to log on remotely

3
The SC RTN

• We manage the accounts in-house
• We have a user fee
• We have one type of subscription
• Have application and user agreement online

4
The South Carolina Real Time Network
NCSP
NCSH
NCHE
NC77
NCMR
NCPO
NCRO
NCLU
NCWH
NCSL
GACC
SC Real Time GPS Network (SC RTN)
SC RTN comprises 53 base stations continuously
collecting and transmitting GPS data SC RTN
provides real-time corrections, via cell phones,
to users in the field operating GPS
equipment Users in the field provided with
real-time coordinates and elevations accurate
to 0.1 foot 471 Subscribers to the SC Real Time
Network include, but are not limited
to Registered Professional Land Surveyors and
Engineers Geographic Information System (GIS)
Professionals Federal, State, County and
Municipal Planners SCDOT and SCDOT Contractors
using GPS Machine Control for Road
Construction The Army Corps of Engineers
SCHA
Legend
HEIGHT MODERNIZATION STATION Located at
non-SCDOT site
SCEB
HEIGHT MODERNIZATION STATION Located at SCDOT site
PROPOSED SITE
5
The SC DOT

• Thirty six receivers
• All assigned an internal 10. address
• Data streams to the SCDOT headquarters
• SLA between the two offices
• VPN between SCDOT and ORS server farm

6
Other Locations

• Educational facilities
• Colleges, Technical Colleges
• Municipal Buildings
• Court Houses, Public Works facilities, Pump
  Houses, State Port Authority, State Offices
• Fire Departments

7
Network ConfigurationFirst Generation
8
Network ConfigurationSecond Generation
9
Receiver Trimble NetR9
10
Firewalls and Protection
11
Static IP Address
12
IO and HTTP
13
Password Protection
14
The Situation

• SCGS was contacted by an  IT contractor working
  for a municipality that hosts one of our base
  stations. The IT contractor had received an email
  from the IT service provider stating that a
  device, identified by our specific IP address,
  had been used to create false requests for data.
• The requests appeared to be from the target of
  a cyber-attack but were actually generated
  through the NTP server of the GNSS receiver. The
  small amount of data used to create the requests
  in turn generates an exponentially larger amount
  of data directed at the target.
• Upon notification from the IT provider, the IT
  contractor disconnected our device from the
  municipalitys network.
• SCGS remotely disabled the NTP server at one of
  our functioning base stations.
• SCGS has learned that the affected receivers were
  identified and exploited by a malicious search
  program. All SCGS receivers are now operating as
  NTP client only with the NTP server disabled. 

15
First true Security problem we have encountered
16
Closing

• The security of a network goes back to having a
  great cooperation with your local IT department. 
  Building that alliance is instrumental in
  offsetting type of cyber attack to a network. 
  The idea here is that attacks happen 24 hours a
  day on a network. 

17

• Thank-you!
• Matt Wellslager
• South Carolina Geodetic Survey
• 5 Geology Rd
• Columbia, SC 29212
• 803-896-7715
• matt.wellslager_at_scgs.sc.gov