Hacker help in cyber chinks
But while the focus remains on big-ticket issues, we fail to appreciate how vulnerable all our industries are and the cumulative shock that our economy can receive if these are attacked to regress our industrial growth. The general belief that industrial systems are safe if not connected to internet is highly naive.
Industrial espionage and cyber attacks on industrial networks including critical infrastructure is not a new phenomenon, supervisory control and data acquisition system (SCADA) being far more vulnerable. Such an attack had caused the 1982 Siberian pipeline explosion with a Trojan inserted into SCADA software. Since then, there have been numerous cyber attacks world over: disabling multiple emergency systems, attacking floodgates of dams, shutting power and communications at airports, gas pipeline failure; crippling nuclear monitoring, shutting down hospital systems and more.
In year 2000, an ex-employee issued radio commands to the sewage system in Australia resulting in 8,00,000 litres of raw sewage flowing in reverse, causing major spills, submerging grounds of Hyatt Regency Hotel, killing marine life, turning creek water black and unbearable stench continuing for days. In more recent times, we have heard of Stuxnet, Du Qu and Flame; Stuxnet jointly developed by US and Israel that attacked centrifuges of the Iranian nuclear programme, Qu Du used extensively for industrial espionage and Flame primarily for cyber espionage in the Middle East and slowing down the Iranian nuclear programme.
But while the focus remains on such big-ticket issues, we fail to appreciate how vulnerable all our industries are and the cumulative shock that our economy can receive if these are attacked to regress our industrial growth. The general belief that industrial systems are safe if not connected to Internet is highly naive.
At a recent event organised the Cyber Security and Privacy Foundation at Anna University, Chennai, a pair of Brazilian network specialists (one hacker and another industrial control system expert) held the audience in complete awe. The hacker (Ewerson Guimaraes), who runs Delabs (a security research laboratory), presented the vulnerabilities of servers on Citrix platform where even simple tasks like using the ‘help’ option or hot keys can lead to hacking the server itself.
Significantly, he has found vulnerabilities in ‘all’ the operating systems. Even simple tasks like using ‘help’ option or hot keys can lead to hacking servers on Citrix platform. Citrix applications are widely used by companies to provide virtualised applications. Hacking involved using help menu of applications to gain control of the server on just pressing CTRL+F1 to bring the shutdown screen of the server.
Ewerson wrote to Citrix eight years ago to fix this vulnerability but this has not been rectified. The Brazilian industrial control system expert (Jan Seidl) demonstrated how public services could be abused in order to disrupt systems while avoiding detection. He demonstrated how communication between servers could be disrupted, ‘faking’ vital data that can lead to irreparable damage to industries.
The paradox is more because SCADA systems are increasingly being adapted by industries, especially for power distribution and for controlling critical processes like in steel plants, and these systems are becoming more and more vulnerable. As part of his demonstration, he even disconnected the physical controlling unit PLC (programmable logic controller) from the system after replacing it with his own software simulation which took over control effortlessly. According to him, at least 99 per cent of industrial platforms can be attacked even when isolated from Internet. Industrial malwares are being increasingly used by governments and corporations to target specific installations, Stuxnet being one example.
As per a report in the Wall Street Journal in July this year, hacker firms like Auriemma and Ferrante would have sold their services to Israel, Britain, Russia, India and Brazil, reportedly some of the biggest spenders in this regard. ReVuln specialises in finding remote vulnerabilities in industrial control and US and Israel both have exploited a series of flaws in operating systems including in Windows. Governments are paying thousands of dollars to learn and exploit chinks in computer systems of adversaries. Not without reason, China has an army of over 60,000 civilian hackers other than within PLA and the PLA spearheads Chinese cyber warfare. Our cyber security establishment and NTRO need to take note. Undoubtedly, there is plenty of talent (IT engineers, hackers and others) in the country that merely needs harnessing and direction. The views expressed herein are the personal views of the author.