How do hackers invade networks?

Dear Control Engineering: I was reading the posting about hackers invading control systems. How is that possible with safeguards?

02/06/2010


Dear Control Engineering: I was reading the posting about hackers invading control systems. How is that possible with safeguards?

One of the techniques that has been in use with hackers for a while is “phishing,” which is a way for the hacker to gain access to a system by fooling a human being into unwittingly creating an access point. Usually you get some kind of email with an attachment. If you try to open the attachment, say a photo, e-greeting card, or some other type of file, it may not work properly. The message tells you that to see the file, you need to download some kind of reader or other bit of free software. If you do this, you’re doomed. That file is the hacker’s foot in the door and your computer becomes the portal for him or her to get around in the networks that connect to your computer.

There have been many variations on this approach since savvy users begin to recognize when this sort of thing is going on. If you have any sense, you aren’t going to send your bank account information because you get an email out of the blue that says your account has been frozen. I received some emails at my home account recently that claim to be from UPS and telling me that a package that I supposedly tried to ship prior to Christmas did not get delivered because the address was wrong. I’m supposed to click on the attachment for information on getting the package back. Fortunately, I’m not dumb enough to do that.

The really scary technique that has emerged recently is called “spear phishing.” It is a more sophisticated process where a motivated hacker is determined to break into a specific system to conduct industrial espionage. Let’s say your company is engaged in a specific area of business that is of interest to the hacker. He can run Web searches on your company and find the names of key individuals in strategic areas. He then sends a highly targeted email to these individuals that gives the impression of being from within the company, but it uses the same technique. The recipient is fooled into downloading something that seems entirely appropriate, but that computer now becomes a portal. From there the hacker can begin to move throughout the networks using that person’s internal clearances. It makes detecting what’s going on very difficult.

A recent article describes this method in greater detail. There are countermeasures a company can use to resist this technique, but it can be very hard to detect. Several major oil companies have had highly proprietary information stolen using spear phishing as the entry method, and they did not realize the extent of the problem until the FBI told them about it. While these begin with enterprise level and IT networks, once those networks are compromised, attackers could turn their efforts to control systems, so any invasion should be a concern to people involved in manufacturing.

Read the Control Engineering Industrial Control System Cyber Security blog.

–Peter Welander, process industries editor.

Posted by Ask Control Engineering on February 6, 2010



No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Robotic safety, collaboration, standards; DCS migration tips; IT/OT convergence; 2017 Control Engineering Salary and Career Survey
Integrated mobility; Artificial intelligence; Predictive motion control; Sensors and control system inputs; Asset Management; Cybersecurity
Big Data and IIoT value; Monitoring Big Data; Robotics safety standards and programming; Learning about PID
Featured articles highlight technologies that enable the Industrial Internet of Things, IIoT-related products and strategies to get data more easily to the user.
This article collection contains several articles on how automation and controls are helping human-machine interface (HMI) hardware and software advance.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Mobility as the means to offshore innovation; Preventing another Deepwater Horizon; ROVs as subsea robots; SCADA and the radio spectrum
Future of oil and gas projects; Reservoir models; The importance of SCADA to oil and gas
Big Data and bigger solutions; Tablet technologies; SCADA developments
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me