Hackers Penetrate, Control Water Utility

Hackers managed to gain privileged access to a water utility’s control system and change “the levels of chemicals being used to treat tap water,” The Register reports.

The attack was first documented in the Verizon Security Solutions IT breach report using a pseudonym for the company, Kemuri Water Company, without disclosing its location.

According to the report, Kemuri was attacked by a hacking group with ties to Syria that exploited unpatched vulnerabilities in the company’s internet-facing payment website. After gaining access, the attackers infiltrated the utility’s internet-connected operational control system, through which they manipulated the valves controlling the flow of chemicals used to treat water before it enters the general water system.

Fortunately, although the hackers changed valve settings at least twice, their activity appears to have had no particular effect on the water. This is either because the hackers did not know how to operate the system in question or because they had no ill intent.

What this attack does demonstrate is the risible state of cybersecurity prevalent throughout the industry and at critical infrastructure facilities at large.

“Dedicated and opportunistic attackers will continue to exploit low-hanging fruit present in outdated or unpatched systems. We continue to see infrastructure systems being targeted because they are generally under-resourced or believed to be out of band or not connected to the internet,” Monzy Merza, director of cyber research at Splunk, said of the incident.

“Beyond the clear need to invest in intrusion detection, prevention, patch management and analytics-driven security measures, this breach underscores the importance of actionable intelligence. Reports like Verizon’s are important sources of insight. Organisations must leverage this information to collectively raise the bar in security to better detect, prevent and respond to advanced attacks. Working collectively is our best route to getting ahead of attackers,” he added.

The present state of cyber security at critical infrastructure installations is simply unacceptable. Hackers are more than capable of causing serious damage to a compromised facility if they choose to, as the recent breach at a German steel mill clearly demonstrates.

Vendors, operators, and regulators must step up their game, because in the fight against hackers, at this stage, they’re not even in the running.
