Cyberattack on German STEEL Mill INFLICTS Serious DAMAGE
Text to Speech
Unknown hackers have inflicted ‘serious damage’ to a German steel mill this year by breaking into internal networks and accessing the main controls of the factory, the German Federal Office for Information Security (BSI) revealed in its annual report.
The report says that the intrusion into the mainframe system caused significant damage to a blast furnace as the attackers managed to manipulate the internal systems and industrial components, causing outages that disrupted the controlled manner of operation.
The BSI’s didn’t mention which plant was targeted nor gave any reference to the time of the attack. The Office did note the “very advanced” capabilities of the hackers.
To penetrate the security, the intruders used a “sophisticated spear phishing” method to gain access to the core networks of the plant. Using this method, which involves targeting specific individuals within an organization, the attackers first penetrated the office network of the factory. From there, they managed their way into the production networks.
Benjamin Sonntag, a software developer and digital rights activist told RT that cyber war has been going on for a long time. And while it is nothing new, Sonntag says, the “biggest problem” at the moment is the work of the NSA, “which handle both the defensive approach which is enhancing security of the infrastructure and the offensive approach which is attacking others with mass surveillance.”
READ MORE: Stuxnet patient zero: Kaspesky Lab identifies worm’s first victims in Iran
The steel mill incident, Sonntag says, reminds him of the most famous attack on industrial control systems – Stuxnet. The trojan attack, which was first uncovered in June 2010 was allegedly used by the US and Israel to penetrate a number of Iranian facilities, most notably the Natanz uranium enrichment plant. Stuxnet was responsible for destroyed hundreds of the Iranians’ centrifuges.
“The people who do these kinds of attacks are usually either paid by the state, or mafia, or a big company,” he said. “We do not expect a nuclear power plant or steel plant to be connected to the Internet. To be computerized, but to be connected to the Internet and to be hackable that was is quite unexpected.”
Sonntag says the best way to insure the “safety” of information systems is to make attacks “public and transparent,” so the electronic community can react and protect itself against these types of threats.
READ MORE: http://on.rt.com/wb1r9f
۞=============================۞
SERANGAN Siber ke ATAS Kilang KELULI Jerman DITIMPAKAN Kerosakan SERIUS
Penggodam yang tidak diketahui telah disengajakan 'kerosakan serius' untuk sebuah kilang keluli Jerman tahun ini dengan memecahkan ke dalam rangkaian dalaman dan mengakses kawalan utama kilang, Pejabat Persekutuan Jerman bagi Keselamatan Maklumat (BSI) mendedahkan dalam laporan tahunannya.
Laporan itu mengatakan bahawa pencerobohan ke dalam sistem kerangka utama yang menyebabkan kerosakan yang ketara kepada bagas relau sebagai penyerang berjaya memanipulasi sistem dalaman dan komponen industri, menyebabkan gangguan yang boleh menjejaskan cara yang dikawal operasi.
Yang BSI ini tidak menyebut mana tumbuhan itu disasarkan dan tidak memberikan apa-apa sebutan kepada masa serangan itu. Pejabat tidak perhatikan "tersangat maju" keupayaan penggodam.
Untuk menembusi keselamatan, penceroboh menggunakan " lembing phishing canggih " kaedah untuk mendapatkan akses kepada rangkaian teras kilang. Dengan menggunakan kaedah ini, yang melibatkan mensasarkan individu tertentu di dalam sebuah organisasi, penyerang pertama menembusi rangkaian pejabat kilang. Dari sana, mereka berjaya dengan cara mereka ke dalam rangkaian pengeluaran.
Benjamin Sonntag, pembangun perisian dan aktivis hak digital memberitahu RT bahawa perang siber telah berlaku untuk jangka masa yang panjang. Dan manakala ia bukan perkara baru, kata Sonntag, "masalah yang paling besar" pada masa ini adalah kerja-kerja yang NSA, "yang mengendalikan kedua-dua pendekatan pertahanan yang meningkatkan keselamatan infrastruktur dan pendekatan ofensif yang menyerang orang lain dengan pengawasan besar-besaran."
BACA lanjut: Stuxnet pesakit sifar: Kaspesky Lab mengenal pasti mangsa pertama cacing di Iran READ MORE: Stuxnet patient zero: Kaspesky Lab identifies worm’s first victims in Iran
Insiden kilang keluli, Sonntag berkata, dia mengingatkan serangan yang paling terkenal pada sistem kawalan industri - Stuxnet. Serangan trojan, yang dia dikesan pada bulan Jun 2010 telah didakwa digunakan oleh Amerika Syarikat dan Israel menembusi beberapa kemudahan Iran, terutamanya di loji Natanz pengayaan uranium. Stuxnet adalah bertanggungjawab untuk beratus-ratus dimusnahkan sentrifugal Iran' . . .
2014-12-22 07:34:37
source
Gloss