Plants worldwide at risk of cyber attacks: researcher
Page 1 of 1 • Share
Plants worldwide at risk of cyber attacks: researcher
LAS VEGAS: Researchers warned on Wednesday that energy facilities and industrial plants of all kinds are vulnerable to destructive cyber attacks, in some cases with something as simple as a text message.
Frightening presentations at a prestigious Black Hat computer security conference were preceded by official alerts to energy producers detailing the weaknesses and urging steps be taken to beef up defenses.
"This is not just the United States, it is around the globe," said Tim Roxey, director of risk assessment at the North American Electric Reliability Corporation (NERC) responsible for enforcement of industry standards.
"If somebody really has you in their sites, they've got you," he said of the situation.
Black Hat presentations that triggered the NERC alerts revealed that "PLC" units that control basic factory functions ranging from turbines to valves or even sorting could be commandeered by hackers.
The point was to debunk myths of how it took a nation state with millions of dollars and teams of researchers to penetrate nuclear power plants in attacks by an infamous "Stuxnet" virus, according to NSS Labs security researcher Dillon Beresford.
Beresford described finding a way into PLCs made by Germany-based Siemens AG in a matter of weeks working in his bedroom.
A Siemens representative that took part in the presentation said the company has been working with researchers on the situation.
"It is not only nation states that have this capability, it is now in the hands of researchers and will inevitably get into malicious hands," Beresford said.
"It could be some lone hacker," he continued. "Most people with the time and resources could pull this off."
Cyber attackers would need to get access to machines, which was said to be less daunting than it sounded, according to Beresford.
Research presented by iSEC Partners security consultant Don Bailey showed
that mobile Internet connection cards used in some PLCs in remote locations
could be given commands by text messages, provided the senders knew the numbers assigned to cards.
"We can talk about vulnerabilities in PLCs, GSM (mobile networks), or my socks," Bailey said.
"But the talk has to be about the cost, and machine-to-machine communications exploding in the GSM world," he continued.
Computers insulated from the internet by "air gaps" could find defenses breached by mobile connection cards used for long-distance monitoring or links to sensors that feed information to the Internet, according to Bailey's research. (AFP)
Frightening presentations at a prestigious Black Hat computer security conference were preceded by official alerts to energy producers detailing the weaknesses and urging steps be taken to beef up defenses.
"This is not just the United States, it is around the globe," said Tim Roxey, director of risk assessment at the North American Electric Reliability Corporation (NERC) responsible for enforcement of industry standards.
"If somebody really has you in their sites, they've got you," he said of the situation.
Black Hat presentations that triggered the NERC alerts revealed that "PLC" units that control basic factory functions ranging from turbines to valves or even sorting could be commandeered by hackers.
The point was to debunk myths of how it took a nation state with millions of dollars and teams of researchers to penetrate nuclear power plants in attacks by an infamous "Stuxnet" virus, according to NSS Labs security researcher Dillon Beresford.
Beresford described finding a way into PLCs made by Germany-based Siemens AG in a matter of weeks working in his bedroom.
A Siemens representative that took part in the presentation said the company has been working with researchers on the situation.
"It is not only nation states that have this capability, it is now in the hands of researchers and will inevitably get into malicious hands," Beresford said.
"It could be some lone hacker," he continued. "Most people with the time and resources could pull this off."
Cyber attackers would need to get access to machines, which was said to be less daunting than it sounded, according to Beresford.
Research presented by iSEC Partners security consultant Don Bailey showed
that mobile Internet connection cards used in some PLCs in remote locations
could be given commands by text messages, provided the senders knew the numbers assigned to cards.
"We can talk about vulnerabilities in PLCs, GSM (mobile networks), or my socks," Bailey said.
"But the talk has to be about the cost, and machine-to-machine communications exploding in the GSM world," he continued.
Computers insulated from the internet by "air gaps" could find defenses breached by mobile connection cards used for long-distance monitoring or links to sensors that feed information to the Internet, according to Bailey's research. (AFP)
Rao Muhammad Aftab- Monstars
-
Posts : 1091
Join date : 2011-02-11
Age : 35
Similar topics
» Cyber attacks also targeted Gmail rivals
» Plants clean air pollution better than expected
» Garlic-made pills ineffective against flu: researcher
» White House Admits Cyber Attack, Says No Data Lost
» Al-Qaeda weighed attacks on US trains
» Plants clean air pollution better than expected
» Garlic-made pills ineffective against flu: researcher
» White House Admits Cyber Attack, Says No Data Lost
» Al-Qaeda weighed attacks on US trains
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Today at 2:01 pm by ali001
» Goorevi App
Thu Nov 21, 2024 6:50 pm by ali001
» AMERICA EARNS! - Gift Card App
Mon Nov 18, 2024 11:07 am by ali001
» Kanba - Manage your Tasks
Thu Nov 14, 2024 12:21 pm by ali001
» Hemangiom'App
Tue Nov 05, 2024 11:25 am by ali001
» MindfulMe - Mental Health App
Mon Nov 04, 2024 10:50 am by ali001
» Learn Candlestick Patterns
Tue Oct 15, 2024 5:51 am by ali001
» Woh Pagal Si Episode 52 to 62 - Top Pakistani Drama
Sat Sep 21, 2024 6:26 pm by Mir Emmad Ali Khan Domki
» Nearu - share your socials
Sat Sep 21, 2024 1:12 pm by ali001