How Hackers Can Take Over Nuclear Power Plants


Bayshore Blog Post:

July 30, 2015

From How hackers can take over nuclear power plants

Patrick Howell O'Neill reports in the Daily Dot that there is a massive lack of security awareness in the industrial control systems community. The world’s most important facilities — think massive hydroelectric dams and nuclear power plants — are vulnerable to devastating cyberattacks. And it may be just a matter of time before someone gets hurt. But nobody panic.

That’s the overwhelming takeaway from new research set to be unveiled at the Black Hat cybersecurity conference in Las Vegas next week. The researchers have already gained the attention of major industries, but it remains unclear whether they will fix the problem before it’s too late.

The trouble centers around vulnerabilities in so-called Industrial Ethernet Switches (IES), the devices that create the internal networks that are vital for the function of modern factories, refineries, ports, and countless other industrial environments today. The critical vulnerabilities in IES allow attackers to gain access to the network, take full control, and cause potentially fatal damage, the researchers say. Industrial switches are ubiquitous in today's networked industry but rarely appear in homes, making them unfamiliar for most people. But the instrumental role they play in countless facilities means any single vulnerability has far-reaching consequences.

The vulnerabilities can lead to events reminiscent of the 2010 Stuxnet attack on Iranian nuclear facilities or the 2014 cyberattack on a German steel mill. These attacks were the first time purely digital weapons caused physical damage to their targets. Stuxnet shut down a wide swath of Iran's nuclear facilities, while the 2014 attack caused “massive” damage in the German facilities when the factory owners were unable to shut down a blast furnace.

Kirby Wadsworth

As Chief Marketing Officer at Bayshore Networks, Kirby is on a mission to educate and inspire leaders to act now to protect our industrial infrastructure - and our way of life - from cyber threats. Bringing more than two decades of executive leadership in both public enterprises and emerging startups, Kirby is a published author, keynote speaker, teacher, and frequent contributor to over 20,000 online followers.