Op-ed views and opinions expressed are solely those of the author.
June saw auto giant Honda fall victim to a hack that compromised its networks and halted production at the company’s factories around the world. This attack, which was executed using a ransomware strain known as EKANS or Snake, left Honda employees unable to access their company emails or internal servers. Malicious code like EKANS is specifically designed to attack the industrial control systems (ICS) that are vital to the “Industrial Process Control,” and has previously been used in attacks against industrial facilities including factories, utility companies, power plants and others.
Attacks targeting ICS systems have the potential to cause immeasurable damage immediately by targeting our critical infrastructure, which is a constant threat in the era of state-sponsored cyber terrorism. According to a 2019 report from Russian cybersecurity firm Kaspersky Labs, 42.7% of US-based ICS computers that used Kaspersky products last year were attacked by malware, ransomware, email phishing, or other threats.
Potential attacks against ICS and the related Supervisory Control and Data Acquisition (SCADA) systems that are so critical to infrastructure are only limited by the imagination of the perpetrators. Some of the worst and most far-reaching attacks we have previously seen are:
- In March of 2000, an attack in Queensland, Australia victimized the Maroochy Shire Council’s wastewater system. This attack scrambled communications sent by radio frequency (RF) to wastewater pumping stations. As a result, the pumps failed to work properly and alarms designed to notify engineers of problems within the system were not activated. An engineer who was monitoring the signals passing through the system discovered the breach. After a thorough investigation, the attacker was located and in April of 2001, local police discovered that the attacker, Vitek Boden, was in possession of a laptop as well as specialized Supervisory Control and Data Acquisition (SCADA) equipment that he had used in the attack. Boden was able to control as many as 150 sewage pumping stations using the laptop and a radio transmitter. Over a 3-month period, Boden was able to release millions of gallons of sewage into local parks and waterways.
- 10 years ago, the attack that many warfare researchers describe as the first attack in the age of cyberwarfare, the “Stuxnet Attack,” damaged the industrial control systems of roughly one-fifth of the nuclear centrifuges in Iran. Dean Turner, an executive from cybersecurity firm Symantec, testified to the US Senate Homeland Security Committee that the Stuxnet malware attack was a wake-up call to critical infrastructure systems around the world. Stuxnet was unique, in that it is believed to be the first example of code specifically designed to target ICSs and allow hackers to take control of specific systems. Stuxnet was also dangerous for its ability to self-replicate and spread throughout multiple systems.
- The holiday season of 2015 was a memorable one in Ukraine, as on the 23rd of December, a major attack shut off electricity to almost a quarter-million Ukrainians. This attack is regarded as the first instance of a successful cyber-attack against a power grid. This attack specifically targeted an electric utility company in western Ukraine and affected an area that includes the regional capital of Ivano-Frankivsk. Attackers were able to successfully cut power at 30 substations, leaving over 230,000 Ukrainians without power for six hours. The utility company’s SCADA equipment was temporarily disabled as power was restored manually. The post-hack investigation discovered that hackers used BlackEnergy malware in exploiting macros in Microsoft Excel documents. The malware was delivered via a phishing email.
These kinds of attacks against ICS and SCADA systems have the potential to shut off power in major cities, poison the water supply and melt down nuclear centrifuges. Right now, although the government’s focus remains on the Coronavirus pandemic and domestic issues related to perceived racial injustices and domestic terrorism, security experts in both the public and private sector need to be vigilant as most of America’s intelligence agencies and law enforcement officials remain temporarily distracted.