Caute_cautim
Community Champion

Here we go, were they prepared?

Hi All

 

Well, lots of talks about impending Cyber security attacks on critical infrastructure - but now it has happened in the UK:  Were they prepared or was it a case of bottom line, and bury one's head in the sand as usual?

 

https://ia.acs.org.au/article/2020/uk-electricity-grid-hit-by-cyberattack.html?_lrsc=8c299fee-c346-4...

 

Regards

 

Caute_cautim

5 Replies
dcontesti
Community Champion

Problem with ICS system owners, is that they believe they have done "Security by Obscurity" so well that folks will never be able to affect them.

 

Add to this all the news happening on Covid-19 hacks/scams/etc., folks may be letting their guard down.

 

I am curious as there isn't a lot of information here on the attack (probably never will be) but the inability to send/receive emails, implies that 1) the hacker disabled the mail system itself, which means they got quite far into the system  or 2) they have disabled some ports on the firewalls ....

 

The article does not say that they cannot create mail....they just can't send it.

 

Given either 1 or 2, if I were them, I would be searching my systems for additional malware that may have been downloaded, etc.

 

my thoughts only

 

d

 

 

 

denbesten
Community Champion


@dcontesti wrote:

Problem with ICS system owners, is that they believe they have done "Security by Obscurity" so well that folks will never be able to affect them.


That, and air gapping.  Air gapping can be extremely effective, but completely falls apart the moment one realizes they can save money by implementing remote support and end up somehow compromising the air gap.

 

Although not precisely the same scenario, I use Davis-Besse as my example when I help people work through the risk analysis regarding remote support.

dcontesti
Community Champion

I love Air gapping but unfortunately we had to eliminate it when the Accounting folks wanted real time numbers for product costing, etc.

 

 

AlecTrevelyan
Community Champion

This is nothing more than an amusing non-story from last week's news, which amounts to little more than "random company suffers ransomware attack"...

 

This quote from The Register about sums everything up:

 

"A complex and vital market mechanism, any failure in the BSC would cause severe headaches for accountants trying to reconcile their figures. The financial side of the UK's electricity market is, however, well insulated from the wiggly amps making their way along the nation's cables."

 

The company involved is effectively a financial middleman brokering deals between the UK's National Grid and the power generating companies. They are in no way, shape or form considered "critical infrastructure".

 

Don't believe the hype!

 

dcontesti
Community Champion

Thanks for the clarification, however my comments still stand related to companies with ICS.

 

Even if they are only doing billing/sales/etc. if I were them I would still be doing a deep dive into my systems.  If I can stop the email system just think of the other damage that I might be able to do....change the rate (cost) of electricity to be 0.00001 cents per KWH or 100 pounds per KWH......lots of potential for havoc.

 

d