SCADA (Supervisory Control and Data Acquisitions) systems are the most important components for the control of processes inside a critical infrastructure. A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems.
The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year.
Unfortunately, the majority of incidents occurred in SCADA systems is not reported. The experts confirmed that in the majority of attacks are conducted by politically motivated APT groups. The knowledge of the model of SCADA system deployed in a critical infrastructure could allow an attacker to run a targeted attack through a specifically designed malware, Stuxnet was developed with the intent to interfere with Iranian nuclear program by infecting control systems at the Natanz nuclear plant.
SCADA systems are everywhere, from water facilities to nuclear plants, their protection is an essential part of a cyber strategy of any government. They were relatively unknown, even to information security experts, that was until
Idan Aharoni, founder & CEO of Inteller intelligence firm, have discovered the availability in the underground of information related to SCADA systems, including its credentials. The circumstance is disconcerting because this information in the wrong hands could represent a serious threat for the Homeland Security.
The expert discovered fraudsters claiming to have access to several SCADA systems, in order prove it, they posted screen shot from a supposedly compromised component.
The following image appears to be from a SCADA system in France, the expert speculates that is part of the control system of some hydroelectric generator.
The fraudster also shared three IP addresses and VNC passwords (remote desktop) to other three SCADA systems, the analysis of the IP addresses revealed that they belong to France Carries Orange FR and Keyyo.
“the fact that compromised SCADA systems are now offered for sale for anyone to purchase, including jihadists and hacktivists, should not be taken lightly.” wrote Aharoni.
The discovery is disconcerting because groups of terrorists, cyber criminals and state-sponsored hackers could gain access to the SCADA system causing serious damages.
(Security Affairs – SCADA, underground)
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…
Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…
Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…
This website uses cookies.