- October 6, 2017
- Posted by: Kerry Tomlinson, Archer News
- Categories: Archer News, Cyber Crime, Cyberattack, Hacking, Industrial Control System Security, Posts with image, Power Grid
You may worry about your phone getting hacked.
But for people running a factory or a power plant, a computer attack could mean your city is blacked out, machines go haywire and people could get hurt.
Those computers are crucial — but some people are playing games with these critical systems. Literally!
Watch our report here:
Archer News Network report: Someone’s playing games with your critical computer systems
“Maybe you know this game, Counter-Strike?” asks security researcher Vladimir Dashchenko at a cybersecurity conference this week in Madrid, Spain.
People in the audience nod.
It’s a popular first-person shooter game online, where terrorists battle counter-terrorists.
Dashchenko works with cybersecurity company Kaspersky Lab.
He’s presenting new information about how the bad guys are hacking into the industrial computers that clean your water, make your electricity, produce your gas, your cars and more.
The bad news? Some bad guys are getting help — from workers in the factory control rooms.
Researcher Vladimir Dashchenko of Kaspersky Lab presents information on industrial computer threats at the CCI congreso in Madrid, Spain, in October 2017. Image credit: Archer News
Dashchenko found a factory where employees had installed Counter-Strike on the industrial computers so they could play online.
But many of these industrial computers are only supposed to have very limited, controlled Internet access — or no Internet access at all.
Putting Counter-Strike on the computers that run big equipment so you can play online, especially without telling the security team?
A possible way to let crooks in, where they can control machines that can shut down a factory and even kill people.
“I just asked the question ‘why.’ ‘Why did you install the Counter-Strike into the factory facility?’” said Dashchenko. “And they said, ‘Well, sometimes we are getting bored during the night shift. So, we’re just playing like one room versus another room.’ I was like, ‘That’s just crazy!’”
Crazy, but they’re not the only employees bending the rules.
Another cybersecurity expert says workers — not malicious hackers — are one of the biggest cyber threats for industrial computers.
“Using social media, watching movies, watching inappropriate movies is always a constant worry and issue,” Emerson’s David Foose told Archer News. “And you’re still going to have employees who find ways around your blockages.”
This may explain one of the curious points of Dashchenko’s presentation at the Centro de Ciberseguridad Industrial (Center for Industrial Cybersecurity) conference.
One of the top ways malicious hackers are getting into industrial computers is through the Internet, he said, despite the fact that these critical computers are supposed to be separated from the public web for protection.
The Internet is the main source of infection for industrial control system computers in the first half of 2017, according to Kaspersky Lab. Image credit: Kaspersky Lab
There are other ways as well, according to Kaspersky Lab and other experts.
The system can have security holes that let bad guys in, for example.
The company can fail to update security patches, like Equifax did, or simply set up the security system the wrong way.
Another company working on your system can leave a hole — by mistake or on purpose.
Attackers can send fake e-mails that trick people into clicking a poisoned link.
And some companies get sloppy, allowing too much connection between the office computers and the industrial computers.
But when it comes to security online, one expert told Archer News, “Few things are more dangerous than bored people.”
The challenge now — to make people more aware of how what they do online can affect not only their own lives, but the lives of many.