The remote breach of a Scada (supervisory control and data acquisition) controller unit is thought to have caused the partial shutdown at a US water processing plant in Illinois, prompting experts to once again question the security of vital infrastructure.
Authorities say an attacker was able to obtain login credentials and access a Scada controller that managed a water pump. The credentials are believed to have been obtained through a breach at a firm that develops controller software for the device.
The attacker then used the compromised Scada to turn the pump off and on multiple times, eventually causing the unit to fail on 8 November.
Andrew Brandt, director of research for Solera Networks Research Labs, told V3 that in many cases security on Scada devices is a "Tootsie Pop" [lollipop] situation in which an attacker who penetrates the external layers of security will find a "soft centre" that can make controlling the device easy.
"For the most part they are not necessarily designed to be connected to the internet, but engineers can put in workarounds for remote access," Brandt explained.
"Anytime you do this you put in a pathway where someone can get in."
Researchers have traced the system used in the attack to Russia. Brandt cautioned that the attackers could simply be using a hacked system as a proxy, and may not even be the same party responsible for the breach of the software developer.
Attackers have in the past used compromised systems to sabotage industrial equipment. The Stuxnet malware was believed to have been developed to access and sabotage nuclear centrifuges in Iran, while the Duqu malware is similarly believed to target industrial hardware.
While no serious damage resulted from the attack, the event is once again bringing close scrutiny to the security of critical infrastructure and Scada systems in particular.
For Brandt, the real issue goes beyond Scada devices and extends to all internet-connected appliances.
"Attacks are getting targeted at these edge-case machines where they want to steal something specific," he said, "and it is that specificity which to me gets scary."
Warming was most pronounced in Siberia region
The tank will be subjected to high stresses and loads via dozens of hydraulic cylinders during testing
'Sunlit wet sidewalk' provides evidence of methane rainfall on the north pole of Saturn's moon Titan
Methane rainfall indicates the start of the summer season in Titan's northern hemisphere
Scientists believe there could be other hydrides or superhydrides with super conducting properties