Security research
Hackers prepare for sabotage of power plants
The sabotage of critical infrastructure such as power plants via the internet has been one of the major fear scenarios for years. According to the latest findings of security researchers, hackers are currently attempting to collect the necessary information on a large scale.
According to IT security experts, a hacker group that has been active for years is scouting out power plants in the West and Turkey in order to sabotage them. The aim is currently to penetrate computer networks and gather information, explained security software company Symantec. The hackers had penetrated the networks of 20 companies in the USA, 6 in Turkey and an industry supplier in Switzerland. Power plants in Germany, the Netherlands and Belgium were also targeted, but no successful attacks were detected.
In some cases, screenshots of the control software of the industrial plants were taken in order to study them. Symantec researcher Candid Wüest told Deutsche Presse-Agentur that this was one of the ways in which the attackers came closer to their goal of taking control of the systems.
"On the other hand, we have seen that documents were siphoned off in a targeted manner," said Wüest. It can be assumed that the PDF and Word files include assembly plans for individual components. "Of course, this now makes it possible to use this knowledge to better prepare for the next attack, even if the passwords have been changed." And it is precisely companies such as energy producers that sometimes remain in operation for decades with hardly any changes. Symantec has not detected any attacks on nuclear power plants.
"We see that the most likely targets are remote access and sabotage," says Wüest about the attackers' approach. In the cases known to date, hackers managed to disrupt power plants in Ukraine twice in 2015 and 2016.
According to Symantec, the group currently attempting to penetrate power plant networks has been active since 2011 and goes by the name 'Dragonfly'. The security researchers do not specify the origin of the group. Fragments in Russian and French were found in the software code, but these could also be false trails.
You might also be interested in
Cyber attacks in the 1st half of 2017
Every third attack targets the manufacturing sector
According to Kaspersky, around one in three cyberattacks on computers for industrial control systems in the first half of 2017 targeted companies in the manufacturing sector. Ransomware such as WannaCry played a major role in this.
read more...Siemens and ISA cooperate
In view of the threats to automation technology, the protection concepts for industrial plants must also be adapted. Siemens and the International Society of Automation (ISA) have therefore agreed on global cooperation in the area of cyber security.
read more...IT protection for critical infrastructures
BSI certifies first KRITIS security standard
The German Federal Office for Information Security (BSI) has certified the suitability of the first industry-specific IT security standard. It concerns the nationwide protection of critical infrastructures.
read more...WannaCry, Petya - just the tip of the iceberg?
According to a report by Trend Micro, the number of ransomware families detected in 2016 rose dramatically by around 750% compared to the previous year. Industrial control systems could also increasingly become the focus of blackmailers, according...
read more...BSI warns of cyber attacks on smartphones and laptops
The German Federal Office for Information Security (BSI) discovers an average of three critical vulnerabilities in the most widely used software products every day. This also increases the risk of cyber attacks.
read more...Secure data at international level
The 'Industrial Data Space' is an important cornerstone for the digital economy - a virtual data space for the secure and standardized exchange of data. The initiative is now entering its second phase. The goal: international standardization.
read more...Review of the 'Forum Safety & Security 2017'
The topics covered at the WEKA trade media's 'Safety & Security Forum', which took place in Munich from July 4 to 6, 2017, ranged from product safety to protecting the entire production process. Conclusion: Safety in a company is a process that...
read more...No accidental changes to files
CodeMeter 6.80 from Wibu-Systems supports Universal Write Filter (UWF), a Windows option from Microsoft that prevents accidental changes to files, which is particularly important for embedded systems.
read more...Security through network segments
The Microwall Gigabit from Wiesemann & Theis is the first in a series of easy-to-use security products for industry and manufacturing.
read more...