Hackers Penetrate Systems...
April 1, 2009
Expert: Hackers penetrating industrial control systems. The networks powering industrial control systems have been breached more than 125 times in the past decade, with one resulting in U.S. deaths, a control systems expert said on March 19. The managing partner of control systems security consultancy Applied Control Solutions, did not detail the breach that caused deaths during his testimony before a U.S. Senate committee, but he said he has been able to find evidence of more than 125 control systems breaches involving systems in nuclear power plants, hydroelectric plants, water utilities, the oil industry, and agribusiness. “The impacts have ranged from trivial to significant environmental damage to significant equipment damage to deaths,” he told the Senate Commerce, Science and Transportation Committee. “We have already had a cyber incident in the United States that has killed people.” At other times, the managing partner has talked about a June 1999 gasoline pipeline rupture near Bellingham, Washington. That rupture spilled more than 200,000 gallons of gasoline into two creeks, which ignited and killed three people. Investigators found several problems that contributed to the rupture, but the managing partner has identified a computer failure in the pipeline’s central control room as part of the problem. It could take the United States a long time to dig out from coordinated attacks on infrastructure using control systems, the managing partner told the Senators. Damaged equipment could take several weeks to replace, he said. A coordinated attack “could be devastating to the U.S. economy and security,” he said. “We are talking months to recover. We are not talking days.” The industrial control system industry is years behind the IT industry in protecting cybersecurity, and some of the techniques used in IT security would damage control systems, the managing partner added. “If you penetration-test a legacy industrial control system, you will shut it down or kill it,” he said. “You will be your own hacker.”
Expert: Hackers penetrating industrial control systems. The networks powering industrial control systems have been breached more than 125 times in the past decade, with one resulting in U.S. deaths, a control systems expert said on March 19. The managing partner of control systems security consultancy Applied Control Solutions, did not detail the breach that caused deaths during his testimony before a U.S. Senate committee, but he said he has been able to find evidence of more than 125 control systems breaches involving systems in nuclear power plants, hydroelectric plants, water utilities, the oil industry, and agribusiness. “The impacts have ranged from trivial to significant environmental damage to significant equipment damage to deaths,” he told the Senate Commerce, Science and Transportation Committee. “We have already had a cyber incident in the United States that has killed people.” At other times, the managing partner has talked about a June 1999 gasoline pipeline rupture near Bellingham, Washington. That rupture spilled more than 200,000 gallons of gasoline into two creeks, which ignited and killed three people. Investigators found several problems that contributed to the rupture, but the managing partner has identified a computer failure in the pipeline’s central control room as part of the problem. It could take the United States a long time to dig out from coordinated attacks on infrastructure using control systems, the managing partner told the Senators. Damaged equipment could take several weeks to replace, he said. A coordinated attack “could be devastating to the U.S. economy and security,” he said. “We are talking months to recover. We are not talking days.” The industrial control system industry is years behind the IT industry in protecting cybersecurity, and some of the techniques used in IT security would damage control systems, the managing partner added. “If you penetration-test a legacy industrial control system, you will shut it down or kill it,” he said. “You will be your own hacker.”
posted by arkietechs at 8:39 AM
0 Comments:
Post a Comment
<< Home