Security experts have been able to replicate quickly and inexpensively last year's high-profile attacks on computerized industrial control equipment in power plants in Iran – breaches that were known at the time as being so sophisticated they could only have been pulled off by a nation-state or a well-financed group of investors, according to the Associated Press.
The news could predict a new round of attacks on facilities that utilize electronic controller systems like the ones that were targeted by the Stuxnet worm in Iran.
In September of 2010, computer security company Symantec said that the Iran attacks "would not be easy for a normal group to put together," and would have to be initiated by individuals with intimate knowledge of industrial control systems.
But a year later, security researchers like Dillon Beresfordr have identified as many as a dozen vulnerabilities in the same kind of industry controllers as those used in Iran. What is worse, Beresfordr did it on his own in just two months, while investing only $20,000 in the project, says the AP.
"What all this is saying is you don't have to be a nation-state to do this stuff. That's very scary," Joe Weiss, an industrial control system expert, told the news source. "There's a perception barrier, and I think [Beresfordr] crashed that barrier."
The difficulty with mitigating attacks like those against Iran is that industrial controllers are very expensive and have large shelf-lives. This makes replacing the systems a major project for every company, government or facility that utilizes them.
Unfortunately, the AP references several examples of consulting firms that found multiple vulnerabilities in power plants, correctional facilities and other U.S.-based institutions that rely on industrial controllers.
Compounding the report is the fact that researchers have identified a new malicious program based on the infamous Stuxnet worm. Symantec – which discovered the malware, dubbed Duqu – said that it shares a lot of Stuxnet's code and compares equally in terms of sophistication.
“Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party,” the Symantec researchers said. “The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."
So far, Duqu has only affected a few organizations in Europe, says Symantec.
Beecher Tuttle is a TechZone360 contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.Edited by Rich Steeves
Fresh seafood can taste great, but if it is not handled properly, people can get sick, and that can lead to business closures and lost revenues. That'…
With less than two months until the General Data Protection Regulations (GDPR) deadline, many companies have already started making sure that their bu…
The growth of Fintech probably has not escaped your attention. Whether you're a customer making contactless payments or an investor weighing up CFD tr…
We are barreling toward a future of automation. A great proportion of the six million US manufacturing jobs that have disappeared over the last few de…
There is a corner of the internet that is cloaked from every day users. Beneath the typical search engines and web browsers, an illegal marketplace is…