ltechnologygroup.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.
An unnamed critical infrastructure facility was recently targeted by hackers who appear close to developing the ability to shut down operations, according to a report from cybersecurity firm Fire Eye.
The hackers — who some speculate may have been operating on behalf of a nation — used a piece of malware known as Triton to infiltrate the system. The attack marks the first known infiltration of an industrial facility’s safety systems, demonstrating the risks that connected infrastructures pose.
The hackers attacked a workstation running safety software that’s meant to be able to shut down operations when a problem arises. The workstation, running Schneider Electric’s Triconex Safety Instrumented System, was specifically targeted using a customized piece of malware written to compromise the company’s technology system. Attackers had apparently come close to developing the ability to remotely shut down the facility, or even cause physical damage by preventing safety mechanisms from functioning as designed, which could prevent operations from halting in dangerous conditions.
This attempted hack is just the latest in a long string of attempts to compromise infrastructure facilities that have been connected to the internet in order to add greater control and flexibility. The Stuxnet malware targeted Iran’s nuclear enrichment facilities in 2010, for example, while another hack, also suspected to originate with a nation-state, crippled much of Ukraine’s electrical grid in late 2015. Additionally, Symantec reportedthat electrical systems in the US, Switzerland, and Turkey were compromised by the Dragonfly 2.0 hacker group.
The potential for hacks is a risk that accompanies connecting infrastructure or facilities to the internet, but attitudes at companies could exacerbate this issue.Network and security professionals are willing to tolerate medium, or even high, levels of security risk stemming from their IoT deployments as long as they are in compliance with any regulatory requirements, according to a survey from ForeScout and Forrester Consulting.
However, as these recent and increasingly sophisticated hacks demonstrate, the bare minimum clearly isn’t cutting it. Companies with critical infrastructure connected through IoT devices need to step up monitoring of their systems in order to ensure that malware doesn’t infiltrate them. This means allocating additional budget for monitoring and audits, while taking measured steps to add connected devices to workflows without posing additional risks to security.
To receive stories like this one directly to your inbox every morning, sign up for the IoT Briefing newsletter. Click here to learn more about how you can gain risk-free access today.
- What is the Internet of Things? Definition, Industries and Companies
- IoT Ecosystem – Forecasts and Business Opportunities
- IoT Market Size, Share & Growth Forecasts
- IoT Trends, Growth & Predictions
- IoT Devices, Applications & Examples
- Top IoT Companies to Watch & Invest In
- IoT Wearable Devices & Technology
- How IoT Will Affect Security
- IoT Reports
At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.
Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group, https://www.ltechnologygroup.com.