Is hacking just a bit of a lark, or should we take it more seriously?

Having been at the wrong end of a number of people who hacked and stole my data, I’m clearly not someone who thinks hacking is just a bit of a lark.  In fact, when used against companies and governments, these attempts to disrupt are classified as cyber terrorism and cyber war.

Unknown hackers have inflicted ‘serious damage’ to a German steel mill this year by breaking into internal networks and accessing the main controls of the factory, the German Federal Office for Information Security (BSI) revealed in its annual report.

The report says that the intrusion into the mainframe system caused significant damage to a blast furnace as the attackers managed to manipulate the internal systems and industrial components, causing outages that disrupted the controlled manner of operation.

The BSI’s didn’t mention which plant was targeted nor gave any reference to the time of the attack. The Office did note the “very advanced” capabilities of the hackers.

To penetrate the security, the intruders used a “sophisticated spear phishing” method to gain access to the core networks of the plant. Using this method, which involves targeting specific individuals within an organization, the attackers first penetrated the office network of the factory. From there, they managed their way into the production networks.

The bottom line is that if there is a sophisticated and sustained attack to get into a system, there is no way it can be kept truly safe.   There are small elements of luck, but more of then than not, access is achieved eventually.

Benjamin Sonntag, a software developer and digital rights activist told RT that cyber war has been going on for a long time. And while it is nothing new, Sonntag says, the “biggest problem” at the moment is the work of the NSA, “which handle both the defensive approach which is enhancing security of the infrastructure and the offensive approach which is attacking others with mass surveillance.”

The steel mill incident, Sonntag says, reminds him of the most famous attack on industrial control systems – Stuxnet. The trojan attack, which was first uncovered in June 2010 was allegedly used by the US and Israel to penetrate a number of Iranian facilities, most notably the Natanz uranium enrichment plant. Stuxnet was responsible for destroyed hundreds of the Iranians’ centrifuges.

“The people who do these kinds of attacks are usually either paid by the state, or mafia, or a big company,” he said. “We do not expect a nuclear power plant or steel plant to be connected to the Internet. To be computerized, but to be connected to the Internet and to be hackable that was is quite unexpected.”

Sonntag says the best way to insure the “safety” of information systems is to make attacks “public and transparent,” so the electronic community can react and protect itself against these types of threats.

The problem is that our law enforcement and judicial systems are way behind the eight ball here.  Some pretty insiduous and disasterous things are happening, but because there is no body in the library lying in a pool of blood with a candle stick nearby, people in general can’t see where the harm is in someone typing some commands on a keyboard somewhere.

I suspect there will have to be more high profile cases with some unintended consequences before the public and the authorities will start to consider cyber crimes seriously.

Until then, the criminals are almost always anonymous.  The damage is irreversible.  Nobody can get arrested, no countries can get invaded.  It’s all rather… surreal.

 

– Russia Today


Do you want:

  • Ad-free access?
  • Access to our very popular daily crossword?
  • Access to daily sudoku?
  • Access to Incite Politics magazine articles?
  • Access to podcasts?
  • Access to political polls?

Our subscribers’ financial support is the reason why we have been able to offer our latest service; Audio blogs. 

Click Here  to support us and watch the number of services grow.

As much at home writing editorials as being the subject of them, Cam has won awards, including the Canon Media Award for his work on the Len Brown/Bevan Chuang story. When he’s not creating the news, he tends to be in it, with protagonists using the courts, media and social media to deliver financial as well as death threats.

They say that news is something that someone, somewhere, wants kept quiet. Cam Slater doesn’t do quiet and, as a result, he is a polarising, controversial but highly effective journalist who takes no prisoners.

He is fearless in his pursuit of a story.

Love him or loathe him, you can’t ignore him.

39%