RealNews

Why power plants need anti-virus

Utility companies are been urged to review cyber security risks as the industry moves over from proprietary technologies to cheaper Windows-based systems. Attendees at an Industrial Cyber Security Conference in London on Tuesday 15 March were told that the control systems of utilities are becoming open to the kinds of attacks that bedevil corporate systems, such as computer worms and DDoS attacks, as power and water companies embrace the net. What’s the evidence for this? PA Consulting and Symantec, the joint organisers of the event and not exactly disinterested parties, cite an Australian case where a disgruntled ex-employee, Vitek Boden, hacked into a water control system and flooded the grounds of a hotel with million of gallons of sewage in March and April 2000. In Russia, malicious crackers managed to take control of a gas pipeline run by Gazprom for around 24 hours in 1999. Then there’s a case where the Slammer worm affected the operation of the corporate network at Ohio’s inactive Davis-Besse nuclear plant and disabled a safety monitoring system for nearly five hours in January 2003. Using this, and other largely anecdotal evidence, PA and Symantec paints a picture of critical systems rife for attack. There was a presentation on how to hack water control systems at a recent Birmingham hacker convention (BrumCum), they say – don’t you see it’s all about to kick off. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.