All the warnings from security experts throughout the years have unfortunately been disregarded, when it comes to the hackers’ threats in strategical spots, such as that of power generation. As a result, hackers have acted according to their own agenda and they have taken the world by storm.
As a result, hackers have acted according to their own agenda and they have taken the world by storm. On 23 December 2015, Ukraine suffered from an overall power blackout and that caused great distress to the people. Prykarpattyaoblenergo lost more than 30 substations, causing havoc in return. And the most frustrating thing of them all: the power stations have not yet been completely fixed. The reason is that the malware used by hackers in Ukraine for the power outing erased key files.
What does this say about security online?
The reason is that the malware used by hackers in Ukraine for the power outing erased key files. What does this say about security online?
The malware used is called “Killdisk” and was the outcome of a well-organized effort to gain control over the computers of the stations. Files appeared to the people working for the power company, attached by their “friends” – making it easier for them to open. Instead of files sent by their friends, the malware was installed into the computers and caused all these grave consequences.
On the bright side, this must have taken a lot of time and therefore, it is not the main tactic used by hackers in similar cases. However, it is always possible to happen again!
The bad news is that there are alternative ways for hackers to get inside similar systems, according to Sergey Gordeychik, who helps with Scada Strangelove, the community of experts working on discovering the faults of ICS systems.
“We can discover more than 80,000 different kinds of ICS systems connected to the internet directly,” Gordeychik told the BBC.
As a result, the ICS systems do not have the power to defend themselves against an attack. This is really frustrating, as there are ways for them to enhance online security and avoid these phenomena. The purpose of Scada Strangelove, according to Mr. Gordeychik, aims at changing that:
“The main idea is to raise awareness and to force vendors to create more secure-by-design systems.”
UK infrastructure is being scrutinized by Crest these days, trying to identify such potential threats online. According to what Ian Glover from Crest said:
“The single biggest vulnerability is connecting poorly protected corporate IT to operational technologies,” and so this is where they have focused on. “It’s much easier to exploit the corporate IT because there are so many tools you can download and use to do that,”
Of course, the aim of every security researcher out there in the UK is to enhance online security and raise awareness on such a threatening phenomenon that could blow up the structure of a whole country within minutes. Although there is a reasonable ground of worrying about what can happen in case of SCADA hacking, proper capability and intent can lead to sufficient defense against hacking threats for the UK and the world – hopefully!
Ali Qamar is an Internet security research enthusiast who enjoys “deep” research to dig out modern discoveries in the security industry. He is the founder and chief editor at Security Gladiators, an ultimate source for cyber security. To be frank and honest, Ali started working online as a freelancer and still shares the knowledge for a living. He is passionate about sharing the knowledge with people, and always try to give only the best. Follow Ali on Twitter @AliQammar57
(Security Affairs – SCADA hacking, cyber security)