Hacking any & everything that moves – don’t drink the water
It bears repeating that one of the most major concerns about cyber crime is how it poses a critical risk to our national infrastructure, if such systems are left unprotected. Systems that, without the proper security, could be co-opted by hackers to, say, alter the chemicals in the flow of a water treatment plant. This is exactly what happened to one unnamed water company’s operation control system, which was breached by intruders with alleged ties to Syria. According to the Verizon Security Solutions report that broke the news, the hackers “managed to manipulate the system to alter the amount of chemicals that went into the water supply and thus handicap water treatment and production capabilities so that the recovery time to replenish water supplies increased.” As an aside, it’s pretty sad when the actions of a group of cyber criminals sound less horrible than those of elected officials in Flint, Michigan.
Lack of clarity regarding the victims in this case, and the specific effects of the water contamination, doesn’t diminish the severity of such a breach, or how alarming it is. Whether or not the hackers were just trying to test their capabilities, and the vulnerabilities of the network, or after something even more malicious, incidents like these highlight those vulnerabilities. Often, they are the result of several factors attackers can take advantage of, including the fact that they can be under-resourced or not connected to the Internet, according to Splunk director of cyber research Monzy Merza; or full of holes in the perimeter network, which can itself sometimes have full access to the more secure side, creating a pathway to attack.
Despite Merza’s call for organizations to make greater use of shared cyber threat intelligence (CTI), a report from McAfee Labs found that only 42 percent of respondents do so. Taking note of some of the obstacles to this increased flow of information—specific organizational policies, regulatory restrictions, risks, etc.—rings a similar tone to the lack of intelligence sharing among the countries in the European bloc, and the notion that this allows terrorists to carry out their Paris and their Brussels attacks with greater ease. How appropriate that these same shortcomings pose a danger to people’s safety in both scenarios.
Vice president of Intel Security’s McAfee Labs group, Vincent Weafer, says that “Given the determination demonstrated by cybercriminals, CTI sharing will become an important tool in tilting the cybersecurity balance of power in favor of defenders.” I hope this happens sooner rather than later, especially since general knowledge of cybersecurity issues still seems sorely lacking. Learning from Vice’s Motherboard about CNBC’s attempt to instruct people on their website on the importance of strong passwords by inviting them to enter their own and test their strength…only to store the passwords in a Google Docs spreadsheet, and even expose them to advertisers and other third parties who have trackers on CNBC’s site. Oops. From malicious intent to erroneous behavior, the onus is on everyone to educate and protect themselves.