- August 30, 2017
- Posted by: Kerry Tomlinson, Archer News
- Category: Archer News, Cyber Crime, Cyberattack, Hacking, Industrial Control System Security, Posts with image, Power Grid, Ransomware
Why what happens in Peru matters to you.
These days, even your salad can be hacked.
Cyber crooks can get into the machines that handle and process your food and keep your water clean.
That’s why Archer News Network traveled to Peru, to keep you up-to-date about the machines that you depend on to eat, drink and live.
Watch our report here:
Archer News Network takes you to Peru in the search for answers about your food, water and power.
Peru is a land of ancients, civilizations built from stone and dirt. But between the mountains and the sea, a new era is rising, a new era is rising — the digital age, where Peru’s most critical machines are connected by computer and potentially vulnerable to attack. These are the machines that make your electricity and your food, clean your water, bring you gasoline and more.
“If I don’t have electricity, I can’t turn on the lights in my house. Okay, if I don’t have these things, I also don’t have hospitals,” said cybersecurity researcher Claudio Caracciolo. “There are a lot of serious effects.”
Caracciolo works with CCI, the Center for Industrial Cybersecurity (in Spanish, the Centro de Ciberseguridad Industrial, or CCI).
He’s from Argentina, but came to Peru to help people figure out how to protect that critical infrastructure, from factories, no nuclear plants, to traffic lights.
“I don’t an attack in a nuclear center that causes a world attack,” Caracciolo told Archer News. “I don’t want an attack in a water company to kill people in some part of the world. What interests me is for people to live and live well.”
Lima, Peru in June 2017. Image credit: Archer News
Not far from the shore in Lima, Peru’s capital city, CCI holds a ‘congreso,’ or conference.
Here we learn some numbers that are troubling to some experts.
A survey of people running the country’s critical infrastructure shows gaps in security.
One in five has not checked to see if they have security holes in their system.
One in six has not separated their office computers from their industrial computers.
That is crucial, because attackers can get into office computers pretty easily though tricky e-mails with poisoned links.
If you don’t separate your computer systems, the bad guys may be able to jump from the office side to the industrial side and do damage.
Peru is a mix of old and new, as seen in this square in Lima. Image credit: Archer News
It’s already happened in other parts of the world.
For example, at a water company, where malicious hackers broke in through the billing system and messed with the chemical levels in the water, according to the Verizon RISK Team data breach digest in March 2016.
“Today what we are trying to do is protect people,” said Caracciolo. “And the best way to protect people is to share.”
Share, he said — challenges, obstacles and solutions. Because what happens in Peru — and in Argentina — could spread far beyond their borders.
“This is not a South American issue, this is actually a world-wide issue,” said Gabriel Faifman, who works with GE Digital.
Faifman is originally from Argentina, like Caracciolo, and is now living in Canada. Like Caracciolo, he spoke at the CCI congreso in Peru.
“They hit anywhere. They hit Europe. They hit the U.S.,” Faifman said to Archer News.
Claudio Caracciolo of CCI speaks to Archer news at the 2017 CCI congreso in Lima, Peru. Image credit: Archer News
The “Peta-NotPetya” ransomware in June started in Ukraine, but infected computers in dozens of countries, including U.S. hospitals, shipping companies, U.S. drug maker Merck and the Cadbury chocolate factory in Australia.
“If an attack like this happens, we can expect consequences world-wide,” Faifman said. “So, we need to make the people conscious about what is happening and how they can help.”
How can you help?
Stay aware of the dangers online, learn about your own cybersecurity, and be careful about clicking on links and downloading things that could be infected, because what you do could affect your work and home.
Archer News Network will help you stay aware, with stories about your digital world.
Disclosure note: Archer News Network’s parent company is Archer Security Group. One of the managing partners of Archer Security Group is also a member of CCI.