A long-time experts are power plants, water treatment plants and warned of the threat from hackers and computer systems that control critical systems for transportation. The threat is not hypothetical. The bulk of the organized before Christmas one of the energy companies in Ukraine after the cyber-attack was plunged into darkness.
Assailants have attacked in the afternoon of December 23 and they reach to electrical current and PCs Power Control Center to close the sub-centers.
Control of the energy company were off nearly 30 sub-centers in all facilities, including a sub-center of the room. The staff struggling to bring back the lights was forced to find a solution to this problem in the dark.
The attack had been used for several months passed and still Ukraine’s power company computer system as well not be able to do a malware called total disk to remove the files attacks (malicious software).
The site partners, senior director of a security company called Steven Ward, who strikes have analyzed the sequence of events associated with, say, a lot of time and effort to organize and effect of complex attacks will only.
He said the good thing is that closed out the plants or similar infrastructure is very difficult.
According to Ward, “is to some error in such a system will need to learn to understand the mechanism of the system, and method of the second industry and even an option to an industry there are also various facilities.
He said that the basic software may be the same but you will have to write some logic to get control mechanism and its installation is a unique process itself.
In Ukraine’s case, it was certainly true. Planted several months of reports about hacking attacks to find its way into the Ukrainian power plant computer systems connected to the attack effectively as possible.
Send e-mail messages to staff members involved in Ukraine group attacks, which appear as if they had been received by his closest friends and colleagues and they were trapped by these messages.
But security expert Sergei Gordy Czech industrial control systems are other ways to enter (ICS).
Gordichack, Scada strangeyou are looking for ways to open ICS systems online that are contributing to the security researcher community work. Scada (Supervisory Control and Data Acquisition) systems are used for plant and machinery monitoring in industrial plants.
He told BBC News: “We have more than 80 connected directly to the Internet can view different types of ICS system.” This is not good.
He said: “If we try to compare with laptop ICS logic controllers present in the system security standard Windows or Apple Tops It’s like Windows 95. Ten years ago, when I was very low quality, it is like the desktop operating system.
Crest organization confirmed that hackers working on corporate and government networks on moral grounds, according to its chief Ian Glover, it can be difficult. Currently Crest is currently doing research on the safety of computerized parts of the infrastructure of the UK.
The report is a survey of the plants and safeguards their organizations. This will require new ways to ensure that is to see whether digital defenses ethical hackers to find all possible bugs and weaknesses.
According to Glover in the surprising thing was the attitude of many companies that operate infrastructure in the country.
They say that the most annoying thing for me is that people were being attacked by that thought.
British intelligence and security organization, Government Communications Headquarters (GCHQ) is directed to companies to improve various parts of the UK national infrastructure practices to make managing your digital defenses. Sometimes it helps to protect them from possible attacks accordingly.
He said that soon we will be successful in our intelligence mission and operation of the services and if we can get any information about the CNI threats we give this information to the company will.
In some cases it appears that the CNI were threats were real and that they have the potential cyber-attacks against the UK national infrastructure. He added that it was not that damaging to the UK to other groups, no doubt.
That we should be concerned, he said. There are those capabilities. There are people with such intentions. But we do not look at where we are with both the intent and ability level groups.
“We are able to strengthen the United Kingdom who are everything. That depends on two should combine their capabilities and intentions. ”