[ISN] Hacktivists pose growing threat to industrial computing

From: InfoSec News <alerts_at_private>
Date: Tue, 18 Oct 2011 00:49:56 -0500 (CDT)
http://www.theregister.co.uk/2011/10/18/anonymous_threatens_scada/

By Dan Goodin in San Francisco
The Register
18th October 2011

Members of the Anonymous hacking collective are increasingly interested in 
attacking industrial control systems used to automate machinery used by 
factories, power stations, water treatment plants, and other facilities 
critical to national security, the Department of Homeland Security warned last 
month.

In a memorandum (PDF) sent to partners involved in security and critical 
infrastructure operations, members of a DHS arm known as the National 
Cybersecurity and Communications Integration Center cited several internet 
postings that indicate Anonymous' growing interest in targeting the remotely 
accessible computers used to open valves and control other gear in industrial 
facilities. The four-page document went on to say Anonymous members faced 
significant challenges, including their limited ability in hacking the gear.

“However, experienced and skilled members of Anonymous in hacking could be able 
to develop capabilities to gain access and trespass on control system networks 
very quickly,” the memo stated. “Free educational opportunities (conferences, 
classes), presentations at hacker conferences, and other high profile 
events/media coverage have raised awareness to ICS vulnerabilities, and likely 
shortened the time needed to develop sufficient tactics, techniques, and 
procedures to disrupt ICS.”

Events over the past 18 months have brought new urgency to the security of 
so-called SCADA, or supervisory control and data acquisition, systems used in 
factories, power plants, and elsewhere. Topping the list is evidence that the 
Stuxnet computer worm, which penetrated thousands of systems across the globe, 
was built as a “search and destroy weapon” by the US, Israel, or another 
country to sabotage Iran's fledgling nuclear program. The sophisticated piece 
of malware repeatedly attacked five industrial plants inside Iran over a 
10-month period and caused centrifuges for uranium enrichment to malfunction.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Received on Mon Oct 17 2011 - 22:49:56 PDT

This archive was generated by hypermail 2.2.0 : Mon Oct 17 2011 - 22:53:27 PDT