Many interesting things came out of the Black Hat conference in Las Vegas, one of which was the most definitive proof that industrial control systems are under attack by organised groups of hackers. Kyle Wilhoit, a researcher with Trend Micro, set up a series of dummy control systems in order to lure attackers to somewhere they could be observed.
The most prominent group noticed is known as APT1, which is suspected of operating as part of China’s army. Once the decoy was infiltrated, the group began to compromise its operations and sabotage systems. They were the only ones to succeed. Wilhoit set up 12 decoys that appeared to be based in Ireland, Russia, Singapore, China, Japan, Australia, Brazil and the US. Overall, he attracted 74 intentional attacks; 10 of those managed to take complete control of the system.
Most of the non-critical attacks originated from Russia, and some from within the US. Half of the critical attacks came from China (a fact that shouldn’t surprise anyone), while the rest came from Germany, the UK, France, Japan and Palestine. The fact that Palestine is capable of launching cyber attacks on industrial systems is a little disturbing.
What this shows is that water plants and similar facilities are more vulnerable to attack than anyone has admitted. While no major attack has happened yet, it may only be a matter of time before someone gets the bright idea to turn off all the power in a neighbouring country.
Source: MIT Technology Review
Edit: Since some people don’t read the comments, I would like to clarify that Palestine isn’t about the country itself; it’s about the capacity to perform the same kinds of damage with fewer resources. The fact would still be disturbing if you replaced Palestine with Botswana or East Timor.