Critical infrastructure remains at risk: Kaspersky

The Die Hard 4 scenario, where critical infrastructure is taken over by gangs of cyber criminals is a very real possibility

Tags: Kaspersky Lab
  • E-Mail
Critical infrastructure remains at risk: Kaspersky Eugene Kaspersky says that enterprises should pull out all the stops on IT security measures.
By  Georgina Enzer Published  June 13, 2013

The Die Hard 4 scenario, where critical infrastructure is taken over by gangs of cyber criminals is a very real possibility says Eugene Kaspersky chairman and CEO Of Kaspersky Lab.

With the rise of IT controlled critical infrastructure systems comes the very real possibility of mass cyber attacks on critical infrastructure, which could plunge entire towns, cities and countries into a state of complete chaos.

“Let’s look at a Die Hard 4-esque scenario; theoretically a situation is possible where, let’s say, a system for distributing purified drinking water is attacked, as a result of which somewhere at a distant installation the other side of the country a breakdown occurs. But the control centre doesn’t know anything about it; the attackers have sent to its computers false data, after exploiting vulnerability. Actually, this isn’t just a scenario; something very similar to it has already occurred in real life, several years ago,” explains Eugene Kaspersky, chairman and CEO of Kaspersky Lab.

An example, cited by Kaspersky, of cyber sabotage at its potentially most dangerous was in a direct attack on supervisory control and data acquisition (SCADA) industrial control systems in 2000 in Australia.

An employee of a third-party contractor who was working on the control systems of Maroochy Shire Council carried out 46 attacks on its control system, which caused the pumps to stop working or not work properly, according to Kaspersky.

The communication channels inside the SCADA system had been breached and information travelling along them was distorted. Several months later companies and the authorities managed to work out what had happened; the worker really wanted to get a job at the sewage firm, was rejected, and decided to flood a huge area of Queensland with sewage.

“With particular regard to the Middle East, the recent, extremely sophisticated targeted attacks detected by Kaspersky Lab [Stuxnet, Duqu, Flame, Gauss] mostly occurred in this region, some of them being aimed at industrial control systems, thus representing acts of if not just espionage, then war too,  cyber espionage and cyber war,” says Kaspersky.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code