Hacks on ciritcal infrastructure are more common than you think

Posted on Posted in Hacker News

HACKERS WHO SEEK to destroy, rather than steal, important data and launch attacks on systems that control major critical infrastructure are more common than widely believed, a report from the Organisation of American States has revealed.


The report was given to Reuters ahead of publication and quoted the results of a poll of critical infrastructure companies and agencies in crucial sectors throughout North and South America.

Almost a third of the respondents were public entities, principally in the communications, security and finance industries.

The figures show that 40 percent of the organisations that responded had battled attempts to shut down their computer networks, while 44 percent had dealt with bids to delete files.

A disturbing 54 percent of those surveyed had encountered “attempts to manipulate” equipment through a control system.

Even more worrying is that just 60 percent of the 575 companies polled had detected any attempts to steal data, long considered the predominant hacking goal.

The report suggests that cyber attacks on infrastructure are not so widely known, but they are certainly not unheard of. The most notable is the Stuxnet assault on Iranian nuclear centrifuges throughout the 1990s, widely linked to the US and Israel.

In case you missed it, Sony Entertainment suffered an unprecedented cyber attack last year when its film division’s servers were breached, resulting in leaked emails and information about major Hollywood films, deals and celebrities.

The hackers threatened Sony, leaked its remake of Annie, and posted Sylvester Stallone’s social security number online.

However, it was also revealed that Sony didn’t make it too difficult for the hackers to breach its systems, having held passwords in a file named ‘passwords’.

The file included log-ins for services like Facebook and something called MySpace – no, us neither – and suggests that someone at Sony needs a lesson in security, or at the very least a lesson in file-naming.

The hack disrupted the company for months and led to the departure of chairwoman Amy Pascal, fuelling concerns of similar cyber attacks in the future.

Quelle: theInquirer