![]() Project files contain a wealth of customized information about a specific customer’s network and operations, says Patrick Miller, president and CEO of EnergySec, a nonprofit consortium that works with energy companies to improve security. Hannah wouldn’t say whether attackers had downloaded the project files or altered them. And Telvent is actively working with law enforcement, with security specialists and with customers to ensure that this breach has been contained.” “We’re working directly with our customers, and they are taking recommended actions with the support of our Telvent teams. “We are aware of a security breach of our corporate network that has affected some customer files,” spokesman Martin Hannah told Wired in a phone call. Attackers have also hacked customer systems by first breaching a vendor’s network and using its direct remote access to breach customers.Ī Telvent spokesman confirmed the breach of its own network to Wired on Tuesday. Often, intrusions occur because the vendor has placed a hardcoded password into its software that gives them access to customer systems through a backdoor - such passwords can be deciphered by attackers who examine the software. The company said it had established “new procedures to be followed until such time as we are sure that there are not further intrusions into the Telvent network and that all virus or malware files have been eliminated.”Ī hack via a vendor’s remote access to a customer’s network is one of the primary ways that attackers get into systems. “Although we do not have any reason to believe that the intruder(s) acquired any information that would enable them to gain access to a customer system or that any of the compromised computers have been connected to a customer system, as a further precautionary measure, we indefinitely terminated any customer system access by Telvent,” the company said in the letter, obtained by KrebsOnSecurity. To prevent the latter from occurring, Telvent said in a second letter mailed to customers this week that it had temporarily disconnected its remote access to customer systems, which it uses to provide customer support, while it investigates the breach further. Or they could use Telvent’s remote access into customer networks to infiltrate customer control systems. Peterson says this would also be a good way to infect customers, since vendors pass project files to customers and have full rights to modify anything in a customer’s system through the project files.Īn attacker could also use the project files to study a customer’s operations for vulnerabilities in order to design further attacks on critical infrastructure systems. One of the ways that Stuxnet spread - the worm that was designed to target Iran’s uranium enrichment program - was to infect project files in an industrial control system made by Siemens, with the aim of passing the malware to the computers of developers. The breach raises concerns that hackers could embed malware in project files to infect the machines of program developers or other key people involved in a project. Telvent calls OASyS “the hub of a real-time telemetry and control network for the utility grid,” and says on its website that the system “plays a central role in Smart Grid self-healing network architecture and improves overall grid safety and security.”īut according to Dale Peterson, founder and CEO of Digital Bond, a security firm that specializes in industrial control system security, the OASyS DNA system is also heavily used in oil and gas pipeline systems in North America, as well as in some water system networks. The attackers installed malicious software on the network and also accessed project files for its OASyS SCADA system, according to KrebsOnSecurity, which first reported the breach.Īccording to Telvent, its OASyS DNA system is designed to integrate a utility’s corporate network with the network of control systems that manage the distribution of electricity and to allow legacy systems and applications to communicate with new smart grid technologies. ![]() 10 it learned of the breach into its network. Telvent, which is owned by Schneider Electric, told customers in a letter that on Sept. The maker of an industrial control system designed to be used with so-called smart grid networks disclosed to customers last week that hackers had breached its network and accessed project files related to a control system used in portions of the electrical grid.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |