Government-sponsored hackers are using a clever trick to attack critical infrastructure like nuclear power plants, dams, and oil refineries. According to Eric Knapp, chief cybersecurity engineer at Honeywell, one third of malware found in critical infrastructure came from USB drives plugged in by users.
Instead of trying to hack the actual infrastructure, which has beefed up security, hackers target the corporate side of the infrastructure operation, which is typically more vulnerable. The specially crafted malware infects USB drives that are being used by employees, then infects the control system of the critical infrastructure when it’s plugged in on that side.
“There’s still a need for information to flow between the business and the control system,” Knapp told Bloomberg. “The bad guys know that they need to go in that way so they’re designing their attacks to take advantage of that.”
Advanced malware like Stuxnet, which was created by the United States and Israel, specifically targeted Iranian nuclear facilities. The virus looked like normal software to nuclear power plant operators, but it slowly degraded the plant, eventually leaving the Iranians with no other option than to shut it down.
In March, United States prosecutors accused an Iranian hacker of breaking into a dam in Rye, New York, one of the first publicly acknowledged attacks on U.S. infrastructure. The hacker didn’t get very far, probably because it was a broken-ass dam.