Earlier this month, hackers reportedly broke into a U.S. water utility computer network and destroyed a pump using a relatively simple attack.
According to reports, hackers with Russian IP addresses infiltrated a utility based in Springfield, Illinois, using information they had stolen from a company that makes supervisory control and data acquisition (SCADA) systems. The hackers then repeatedly turned one of the utility's pumps on and off until it eventually burned out.
Joe Weiss, managing partner for Applied Control Solutions, told U.K. news provider the Register that the utility had experienced minor glitches with its SCADA system "over a period of two to three months." He also criticized the U.S. Department of Homeland Security's (DHS) response to the issue, asserting that the attack raised serious concerns about the nation's ability to secure its critical infrastructure.
"This is really a big deal, and what's just as big a deal is what isn't being said or isn't being done," Weiss told the Register. "What the hell is going on with DHS? Why aren't people being notified?"
The DHS later issued a statement to several news agencies, noting that the department and the Federal Bureau of Investigation were investigating the matter. However, the department asserted that it was unclear whether a security breach had actually occurred.
"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," the DHS said, according to technology news provider CNET.
Cyberattacks against utilities are a growing concern in the United States, as well as in other parts of the world, as hackers use more sophisticated tactics to bring down utility networks. In addition to water utilities, a recent study from market intelligence firm Pike Research revealed that many of the world's power grids may also be vulnerable to such attacks.
In its report, "Utility Cyber Security: Seven Key Smart Grid Security Trends to Watch in 2012 and Beyond," the research firm noted that the aging infrastructure of power grids worldwide is likely to pose significant data security challenges in the coming years. Especially as more countries gravitate to the so-called "smart grid," Pike noted, utilities can no longer assume their networks are safe from cyberthreats and need to make serious adjustments to ensure their services are not disrupted.
"Utility cybersecurity is in a state of near chaos," the report stated. "After years of vendors selling point solutions, utilities investing in compliance minimums rather than full security and attackers having nearly free rein, the attackers clearly have the upper hand."
The report highlighted several measures that can be taken to improve the security of utility networks. These include multi-factor authentication, control network isolation, application whitelisting and data encryption.
However, even with these practices in place, utilities are not guaranteed protection from a breach. These organizations must also stay on top of evolving cybersecurity trends to ensure they are aware of the tactics employed by cybercriminals and can mitigate the damage caused by such attacks. To do so, Pike recommended security event logging and correlation to identify vulnerabilities across the entire network and make it possible to prevent incidents before they occur.
Attacks targeting utility and SCADA networks are only likely to increase in the coming years. In the absence of any attempts to standardize the data security levels of these systems, it is imperative that utilities take the necessary action to protect their networks and do what they can to ensure critical infrastructure is not exposed to threats.
Security News from SimplySecurity.com by Trend Micro