Hackers have been targeting infrastructure in the US and abroad, successfully breaching systems over the past several years. The details of those hacks should, but don't always, serve as a wakeup call for public and private sector organizations.
Individuals and companies often dismiss hacking news because hacking is viewed as something that happens to other people or businesses, until it happens to them, of course. Infrastructure hacks should serve as a wake-up call because hackers are compromising industrial control systems (ISC) in ways that are highly dangerous to businesses and the public at large.
Hackers Are Gaining Control of Industrial Control Systems
Earlier this month, Symantec warned its customers about ICS attacks that target safety instrument systems (SIS). An SIS is a specific type of ICS that ensures equipment is operating within pre-defined parameters. In the blog, Symantec said:
"By interfering with the operation of an SIS, an attacker could cause it to malfunction and shut down [sic] operations at a plant. A worst case scenario is an attack where [a safety instrument system] malfunctions, does not detect an unsafe event and therefore fails to prevent an industrial accident."
The danger here is mistaking an actual threat from a hypothetical one. Just because hackers haven't exercised the power they could doesn't mean that they can't do it. Nevertheless, the fact they haven't exercised that power gives some people and organizations a false sense of security, so they dismiss the threat and carry on.
US power grid attacks have been happening for the past several years. In 2014, Symantec reported that energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers had been targeted and that firms in the US and abroad had been breached. "These infections not only gave the attackers a beachhead in the targeted organizations’ networks, but also gave them the means to mount sabotage operations against infected ICS computers."
Why Infrastructure Attacks Should Concern You
Apart from the obvious – potential floods, potential service disruptions, and potentially devastating situations, such as the meltdown of a nuclear facility – today's industrial equipment and plants are connected to the Internet. In the consumer world, we have the "Internet of Things" or "IoT" which refers to Internet-connected devices and environments such as smart houses, baby monitors, cars and Fitbits, for example. The parallel in the industrial world is the "Industrial Internet of Things" or "IIoT." That simply means industrial equipment that's connected to the Internet.
These attacks are a clear and present danger to our nation, our businesses, ourselves and our families. But the scope of the threat may not be well-understood until planes fall from the sky, businesses are unable to operate, and murder or mass murder by keyboard becomes a commonplace crime.
Our charter is to protect US governments and businesses from the oppression caused by cyberterrorism. We're actively working with partners now to advance that charter, the details of which we look forward to sharing with you in the coming months and years.
Make no mistake. The world is at war and the battlefield is cyberspace.