backtop


Print 31 comment(s) - last by macthemechanic.. on Aug 7 at 1:40 AM

Data is no longer the only target of cybercriminals

As the most popular operating system in use around the globe, Microsoft Windows is also the most targeted OS for cyber criminals looking to steal data and exploit systems. In the past when hackers attacked a system, they were often looking to steal or change data to suit their needs.

However, cyber attacks and malicious code are now being designed that look to actually take over systems that perform functions in major companies including critical systems in the financial and power industries. Many of these attacks are executed taking advantage of security holes in the Windows operating system.

The U.S. government has created a team of security experts to help industrial firms prepare for a new onslaught of hackers that are bent on taking over the physical systems of power plants and other industry hardware. The reason that the U.S. government is creating a team to help private companies is because as much as 85% of the critical infrastructure for power and other utilities are owned by private firms.

The Canadian Press reports that many attacks have occurred overseas where hackers were trying to take over physical systems rather than steal data. Hackers are targeting power plants increasingly and recent attacks have officials in America concerned.

"People are recognizing that the ability to impact industrial control systems has increased," said Sean McGurk, director of control systems security for DHS. "This type of malicious code and others we've seen recently are actually attacking the physical components, the devices that open doors, close doors, build cars and open gates. They're not just going after the ones and zeros (of a computer code); they're going after the devices that actually produce or conduct physical processes."

One of the latest computer worms that could take over physical systems is the Stuxnet worm. The worm is able to potentially infect computer systems because networks and operating systems in many power plants are very old and haven't been patched with new security fixes. The networks are also often not firewalled from access by high traffic networks and at times are not separated from the internet.

The DHS has been deploying its teams of security experts around the country to assess weaknesses in systems. These teams are also called in to help companies identify and fix networks and computers after cyber attacks. So far the security teams have been dispatched to provide assistance 13 times, in nine of the instances the attacks were deliberate, and four were an unintended result of an operator's action.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Welcome to several years ago
By DuctTapeAvenger on 8/4/2010 10:44:46 AM , Rating: 2
This is not a recent concern. The only question is if steps have been taken to help prevent this, and if not, why? The government and security groups are aware of the flaws in this system, and have documented cases of how easy it is to break in, and what the effects would be.

I really wish I could remember the name of the news series, but there was a couple videos made a few years ago about the attempts on our infrastructure (potential and real), and the fight against it. It outlined how easy it is to get into our systems, what would need to be done to protect them, and the steps that have been made to start working against these threats. It's scary how easy it was for them to gain access to critical components of major facilities, and cause damage.




RE: Welcome to several years ago
By BF04 on 8/4/2010 11:51:12 AM , Rating: 1
"I remember reading this year that the DMV JUST upgraded from a 20-30 year old mainframe. Can you imagine that?"

They had to go back to the mainframe. The one guy who was the administrator complained to the union. The union forced DMV to go back to the mainframe as it would put him out of a job. He has no requirement to train for anything new. So in another 20-30yrs after he retires they can upgrade.

/sarcasm off, yes I am kidding but only about that particular article. I have a friend who is desperately trying to upgrade some government networks but cannot because of the union will not allow it due to the workers.

We do have a ton of stimulus money left. Besides paying to study African ants, maybe we could build the private network. I think the private network is the best real solution and really is not that hard to do.


RE: Welcome to several years ago
By JediJeb on 8/4/2010 2:07:04 PM , Rating: 2
It is sad but true. I am all for Unions protecting workers from bad employers, but when they put security at risk or cause places to operate far less efficient just to protect a few jobs then they have lost their usefulness. Seriously, they have caused more jobs to be lost by off-shoring than they have saved using this tactic.


RE: Welcome to several years ago
By HrilL on 8/4/2010 6:20:22 PM , Rating: 2
We don't need a different network. The Current networks are already designed to have networks within the overall bigger network. Lots of companies have inter WAN networks that go all around the world and they are not connected to the Internet per say. While it does use the same infrastructure it is no one the same network. The problem is that lease lines cost more because the telco companies know they got your balls in their grip if you want a completely secure WAN.


"If they're going to pirate somebody, we want it to be us rather than somebody else." -- Microsoft Business Group President Jeff Raikes














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki