BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

The Impact of Industrial Cyber Attacks Affect Everyone

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 17 Sep 2014 19:47:58 -0600
http://www.collegerecruiter.com/blog/2014/09/17/impact-industrial-cyber-attacks-affect-everyone/

Most people are taking steps to protect their private information. They are
careful about who they provide their information to and they make sure that
they follow basic rules of safety when they are using their computers.
Hackers are still going to try to steal private information in any way they
can, but they are having to work harder to do it.

It is a good thing that there is software to protect individual’s computers
such as the Immunet antivirus software. It is one of the main lines of
defense that individuals have for their computers. The thing that is very
important to realize is just how much computers are being used in the world
today. They are not just being used to help students with homework or to
allow bored housewives to go shopping from the comfort of their couch. They
are being used by businesses as well. The computers in use at businesses
also are performing many things that people may or may not be aware of.
They are used by many things other than the office workers of a business.
They are also being used to control the industrial operations of many
businesses.

Most people do not think about the computers that are used in industrial
settings. They do not usually see them or even realize what the computers
are doing. That should lead people to wonder what would happen if there was
a cyber-attack on an industrial computer. Would they be safe?

A Cyber Attack Scenario

When people turn on their water faucet at home, they expect to get drinking
water that is safe. They do not realize that the water treatment plants
used to purify the drinking water are controlled by computers. Imagine what
can happen if a computer hacker gained control of the computers at the
local water treatment facility. Instead of providing safe drinking water
the water plant may produce a liquid that could cause serious harm to
millions. The damage could happen before anyone knows it and the impact
could be widespread. Fixing the problems that are caused in this scenario
could require a lot of time and money. It is not something that is easy to
do. The worst part is that the people who are impacted by this attack would
not have had much control over it.

Is this a real threat?

One of the biggest dangers of a cyber-attack on an industrial setting is
that most people do not think it is a danger. They will assume that if they
are smart enough to use antivirus software like AVG or Immunet on their
home computer, then the big industrial companies that rely on computers to
do their work will have a protection that is much better.

The reality is that many industries do not even have the simple Immunet
protection for their computers. They are not only targets, they are easy
targets. Consider these reports of cyber-attacks on industrial computers.

- 2012 – Hackers got into the computers at NASA’s Jet Propulsion
Laboratory. This facility had control over 23 spacecraft.
- Oil Companies – They have reported an increase on attacks to their
computers in recent times.
- December to May, 2012 – Oil pipeline operators were targeted by hackers.
- August 2012 – 300,000 computers on Saudi Aramco were wiped out.

According to ICS-Cert there were more than 20,000 attacks on industrial
computers in the last 6 months of 2012. That represented a 400% increase in
vulnerability in just a years’ time. The problem is not just limited to the
computers being used by different industries. There have also been problems
related to the increased use of smartphones and mobile computer devices.
These are also very vulnerable to attack.

Another Danger

The cloud is being used to store more information and people expect it to
be securely stored. That is not the case. Hackers have recently been
gaining access to the images that people stored in the cloud and starting
publishing nude pictures of celebrities. They got them by hacking into the
cloud. Fake cellphone towers are being found around the United States.
These towers are being used to monitor the transmissions. What is
particularly dangerous about this is that many of the towers were found
located near military bases. Who knows what kind of information can be
found out by the hackers that put these towers into place.

It is not a good idea to underestimate the importance of the rise of
cyber-attacks on industrial computers. They can cause harm to large groups
of people if they are successful and many individuals may think they do not
have any control over it. While most industrial computers are using
safeguards to protect them not everyone is doing this. It is up to the
public to make sure that companies start to take computer security as much
as the individuals do.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: