Efficient Plant April 2018 - 32
Why Do Hackers Hack?
Unauthorized parties want access to your plant's data for several reasons, any of which
can lead to catastrophe.
CYBERSECURITY SHOULD be a major concern with respect to all plant
systems. Yet, according to Allan Evora of systems integrator Affinity Energy,
Charlotte, NC (affinityenergy.com), some owners of mission-critical facilities
may be ignoring the issue when it comes to SCADA and other human-machine
interfaces. After all, they reason, who would want access to that type of information in the first place? As Evora wrote in a recent blog post on his company's
website, "There are quite a few reasons." They include:
Allan Evora is president of Affinity Energy, Charlotte, NC (affinityenergy.com).
Valuable information outside a facility. The hack
could have nothing to do with the facility and everything
to do with the big picture. Consider a central energy
plant (CEP) connected to a hospital network. The hacker
could be looking for an easy avenue into that network.
The hospital network could be heavily protected, but the
CEP's avenue into it might not. Protected health information, such as birth dates, social security numbers, and
addresses, commands high prices on the black market.
Valuable information inside a facility. The hack
could have everything to do with the facility. Information
on the amount of energy being produced or the level of
environmental contaminants being introduced into the
atmosphere can also be valuable. Hackers also could be
looking for insider-trading information to sell, or seeking
data for anti-government or green-activist organizations.
Sabotage. Activist hackers (hacktivists) could be
looking to sabotage an organization's business practices
to send a message. Or, for power-gen or utility operations, they might be looking for an easy way to disrupt
the entire grid.
Exploitation. If a system is important to a site's daily
operation, it's at risk. A hacker who can gain access to
and install ransomware within the system can have a
significant impact on business finances.
Random, dumb luck. Hackers use network scanners
to find ports that are open across the internet. There are
also well-known websites that list IP-enabled devices
that are discoverable on the internet. Even when trying
lists of commonly used usernames and passwords,
hackers might not know what organizations they are
hacking. They're simply attacking a potential vulnerability. If network ports happen to be open, they'll get in,
find valuable data, install malware to keep tabs on the
operation to see if any new exciting information comes
in, and then get out.
"In general," Evora noted, "most hackers just care about
the valuable information they find on your network that
they can sell on the black market." Go to affinityenergy.
com/5-scada-security-considerations/ to read his recommendations for combating the problem. EP
- Jane Alexander, Managing Editor