This is certainly one of the areas that concerns me the most, attacks on water systems. The reason for my concern is that one could be very, very subtle with the attack and do great damage to both people and property...and avoid detection during the attack setup phase.
Hackers are known for attacking the computers of banks and government agencies. Now they have a new favorite target: the U.S. water system.
By Jordan Robertson, July 3, 2012 6:06 PM EDT
In an unsettling new report on cyber attacks against the nation’s critical infrastructure, the Department of Homeland Security said that water plants were targeted 81 times in 2011, compared with only two incidents in 2010.
Last year’s attacks accounted for about 40 percent of the online assaults against U.S. control systems, which are computers that run industrial facilities. There were 198 attacks on control systems in 2011, a nearly fivefold increase over 2010 when the number was 41, according to the agency’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).
The overall numbers highlight the increased sophistication of cyber attackers and the higher stakes in targeting infrastructure. Doomsday scenarios abound for critical infrastructure assaults, from destroying oil and gas pipelines, blacking out power grids, or contaminating water supplies.
The effectiveness of the Stuxnet computer worm, which damaged nearly 1,000 centrifuges in an Iranian nuclear plant and was jointly developed by the U.S. and Israel, according to The New York Times, shows the destructive power of computer attacks that can inflict physical damage, an area of growing interest for governments.
While most computer attacks are still large in scale and involve financial fraud, such as the theft of online banking passwords and credit card numbers, some attackers are exploring smaller, more harmful assaults on physical infrastructure.
The main reason water systems had more attacks in 2011, according to ICS-CERT, is one unidentified technology vendor was selling a remote-access program that insecurely authenticated users. The fact that the program connected to the Internet and could be found through highly specialized searches allowed hackers to easily discover it inside multiple facilities, said the report, which was released last week.
Water-infrastructure operators were more targeted than energy companies (31 incidents in 2011), nuclear facilities (10) and chemical providers (9). Other targets include government facilities (11) and even dams, national monuments and transportation systems, according to ICS-CERT.
Many of the incidents investigated by the agency involve successful infections, some of them yielding odd results.
For instance, an unidentified facility had its control-systems plans posted on the Internet earlier this year. Intruders had not only stolen the plans, but also made adjustments to its energy management system, leading to “unusually warm” temperatures in the facility, according to ICS-CERT. The organization unplugged its network from the Internet upon discovering the breach.
It was unclear from the report whether turning up the heat and stealing the control system’s schematics was the ultimate goal of the attack, or if the attackers had more nefarious plans in mind.
That's odd. I can understand government run servers, intelligence agency servers, etc, to have a need to communicate with one another, and the internet being the most convenient (although less secure) medium, however water stations are water stations. They can operate independent of being hooked up to the web, and being as vital as these installations are, why subject them to such attacks by doing just that, hooking their systems up to the internet?
I'm sure there's some sort of "convenience" to it (being able to control/monitor systems remotely), but is that convenience really worth the risk?
"This is certainly one of the areas that concerns me the most, attacks on water systems"
...for a bunch of "experts".. i can't believe how wrong they can get security.. the ONLY guarantee to combat cyber attacks against such important utilities.. is to design the system OFF the internet grid.. they should work and operate independently.. that way they wont need to rely on fire walls and "experts" but rather good ol' fashion sercurity guards, walls and wire..
EDIT: Just saw your post and couldn't agree more E7..Â
This message has been edited by varangian on Jul 5, 2012 2:32 AM
"I'm sure there's some sort of "convenience" to it (being able to control/monitor systems remotely), but is that convenience really worth the risk?"
Actually retrofitting security into any system tends to cost significantly more than had security been designed into the system from the start.
I wonder if we will see the repatriation of 1st line support jobs back to North America after the massive (and short sighted) outsourcing of them through the 90s and 00s?
Current Topic - What’s In Your Water Now? Hackers
![[Cyberwar Central Links & Resources]](http://www.network54.com/Realm/cwcgraphics/v2/lrg1.png "Cyberwar Central Links & Resources")
![[Cyberwar Central]](http://www.network54.com/Realm/cwcgraphics/v2/titleg1.png "Cyberwar Central")
![[Cyberwar Central Members Area]](http://www.network54.com/Realm/cwcgraphics/v2/mag1.png "Cyberwar Central Members Area")
![[Exchange Links with CWC]](http://www.network54.com/Realm/cwcgraphics/linktrade.png)
![[linked image]](http://forgifs.com/gallery/d/202313-1/Grandma-runaway-wheelchair.gif)
