How do hackers invade networks?

Dear Control Engineering: I was reading the posting about hackers invading control systems. How is that possible with safeguards?

02/06/2010


Dear Control Engineering: I was reading the posting about hackers invading control systems. How is that possible with safeguards?

One of the techniques that has been in use with hackers for a while is “phishing,” which is a way for the hacker to gain access to a system by fooling a human being into unwittingly creating an access point. Usually you get some kind of email with an attachment. If you try to open the attachment, say a photo, e-greeting card, or some other type of file, it may not work properly. The message tells you that to see the file, you need to download some kind of reader or other bit of free software. If you do this, you’re doomed. That file is the hacker’s foot in the door and your computer becomes the portal for him or her to get around in the networks that connect to your computer.

There have been many variations on this approach since savvy users begin to recognize when this sort of thing is going on. If you have any sense, you aren’t going to send your bank account information because you get an email out of the blue that says your account has been frozen. I received some emails at my home account recently that claim to be from UPS and telling me that a package that I supposedly tried to ship prior to Christmas did not get delivered because the address was wrong. I’m supposed to click on the attachment for information on getting the package back. Fortunately, I’m not dumb enough to do that.

The really scary technique that has emerged recently is called “spear phishing.” It is a more sophisticated process where a motivated hacker is determined to break into a specific system to conduct industrial espionage. Let’s say your company is engaged in a specific area of business that is of interest to the hacker. He can run Web searches on your company and find the names of key individuals in strategic areas. He then sends a highly targeted email to these individuals that gives the impression of being from within the company, but it uses the same technique. The recipient is fooled into downloading something that seems entirely appropriate, but that computer now becomes a portal. From there the hacker can begin to move throughout the networks using that person’s internal clearances. It makes detecting what’s going on very difficult.

A recent article describes this method in greater detail. There are countermeasures a company can use to resist this technique, but it can be very hard to detect. Several major oil companies have had highly proprietary information stolen using spear phishing as the entry method, and they did not realize the extent of the problem until the FBI told them about it. While these begin with enterprise level and IT networks, once those networks are compromised, attackers could turn their efforts to control systems, so any invasion should be a concern to people involved in manufacturing.

Read the Control Engineering Industrial Control System Cyber Security blog.

–Peter Welander, process industries editor.

Posted by Ask Control Engineering on February 6, 2010



No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
Each year, a panel of Control Engineering editors and industry expert judges select the System Integrator of the Year Award winners.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Learn how to create value with re-use; gain productivity with lean automation and connectivity, and optimize panel design and construction.
Go deep: Automation tackles offshore oil challenges; Ethernet advice; Wireless robotics; Product exclusives; Digital edition exclusives
Lost in the gray scale? How to get effective HMIs; Best practices: Integrate old and new wireless systems; Smart software, networks; Service provider certifications
Fixing PID: Part 2: Tweaking controller strategy; Machine safety networks; Salary survey and career advice; Smart I/O architecture; Product exclusives
The Ask Control Engineering blog covers all aspects of automation, including motors, drives, sensors, motion control, machine control, and embedded systems.
Look at the basics of industrial wireless technologies, wireless concepts, wireless standards, and wireless best practices with Daniel E. Capano of Diversified Technical Services Inc.
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
This is a blog from the trenches – written by engineers who are implementing and upgrading control systems every day across every industry.
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Case Study Database

Case Study Database

Get more exposure for your case study by uploading it to the Control Engineering case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.

These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.

Click here to visit the Case Study Database and upload your case study.