Losing control: Critical infrastructure

Losing control: Critical infrastructure
Losing control: Critical infrastructure

So what can attackers accomplish once they are inside? The threat of outsiders with sophisticated malware targeting critical infrastructure has grown markedly in recent years. Last August, data-wiping virus Shamoon rendered 30,000 computers at the Saudi Arabia-based oil company Saudi Aramco unusable. A few months later, officials at Chevron confirmed that the U.S. oil company was hit by Stuxnet in 2010, a worm – believed to be the creation of the United States and Israel – that was originally designed to target only Siemens SCADA systems being operated within nuclear enrichment facilities in Iran. 

In October, ICS-CERT alerted the ICS sector of increased attack interest shown by malicious groups, like hacktivists. The threat report warned that these groups were using specialized search engines to identify internet-facing ICS devices as potential targets for attacks. The finding came after a security research company released hacking techniques for targeting programmable logic controllers (PLCs), computer-based hardware used to automate industrial monitoring and control processes. The exploit tools were meant for PLCs made by General Electric, Rockwell Automation, Schneider Electric and Koyo Electronics. 

Page 2 of 3
close

Next Article in Features

More in Features

Behind the scenes: Privacy and data-mining

Behind the scenes: Privacy and data-mining

With data-mining firms harvesting personal information from online activity, privacy advocates, if not yet consumers, are alarmed, reports James Hale.

The great divide: Reforming the CFAA

The great divide: Reforming the CFAA

Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.