In the continuously threatening rise of cyber attacks, hackers have destroyed a pump that piped water to homes throughout a city in Illinois, reports BBC News.
As the FBI and the Department of Homeland Security investigate the issue, what is clear so far is that hackers with access to the water facility’s network have most likely broken the pump by turning it on and off in quick succession. According to a report by the Illinois Statewide Terrorism and Intelligence Center, hackers gained access through stolen logins and passwords, which were obtained from a company that writes control software. The IP address of the hacker was traced back to Russia.
Meanwhile, DHS is sifting through details of what could be a second attack, in which a hacker claimed he had access to the control systems for a second U.S. water facility. He posted a document to a site called Pastebin, in which he put up screenshots for what was supposedly the internal control system for a water treatment plant in South Houston. The hacker’s claims have yet to be confirmed or denied by South Houston’s Water and Sewer Department.
These incidents are part of not only a growing interest in infrastructure by cyber attackers, but of an ongoing series of attacks on systems using the Supervisory Control and Data Acquisition systems, continued the report. These systems are most dangerous when tampered with, as many control machinery used to filter water, mix chemicals, distribute energy, and route trains.
And the list of what can be hacked in today’s world, said a report by Yahoo’s technology blog, goes far beyond just water systems.
Medical devices like insulin pumps and pacemakers, it said, are potential targets, particularly for cyber attackers who are seeking out select individuals. Though these are normally life-saving devices, hackers can use their built-in wireless systems to do quite the opposite.
With pacemakers, for example, doctors use their internal wireless features to make subtle adjustments to them without the need for unnecessary surgery. However, the signal they use is not encrypted; this means that any hacker with the correct reprogramming hardware for such a device could manipulate it remotely, causing cardiac arrest or even death.
Meanwhile, the signals of insulin pumps can be hijacked from a distance of up to half a mile away by manipulating simple radio antennas, giving a potentially life-threatening blast of insulin to the wearer.
Other hackable items include OnStar security systems – which many cars have, baby monitors, and garage door openers.
Lani Kass, a former advisor on security issues to the U.S. Joint Chiefs of Staff, said the U.S. had to start doing more work to track and understand these types of attacks.
The popular feeling, she said, is that it’s “always just an incident or occurrence. And if every incident is seen in isolation, it’s hard – if not impossible – to discern a pattern or connect the dots.”
“Failure to connect the dots,” she concluded, “Is what led us to be surprised on 9/11.”