Iranian hackers managed to breach the network of a U.S. dam at some point in 2013, a report reveals, raising concerns about the security of critical pieces of infrastructure.
The dam in question was a small one, situated less than 20 miles from New York City, The Wall Street Journal reports. According to former and current U.S. officials and experts familiar with the attack, which was kept as secret thus far, the White House was concerned about this kind of attack. By accessing the controls of a dam, or other pieces of critical infrastructure, a nation could cause an explosion or flood in the U.S. without using any army equipment.
The Journal explains that the country’s power grid, factories, pipelines, bridges and dams can become “prime targets” for digital armies, as they’re connected to the Internet and apparently sitting largely unprotected. Many industrial systems are old, the news site explains, predating the consumer Internet. Once hooked up to the Internet, however, they can become easy targets for hackers who know what they’re doing.
In recent years, rogue hackers, as well as attackers suspected to be connected with foreign governments, have attacked various digital targets in the U.S. from retail chains to the U.S. government
Federal investigators involved in the attack thought that the original target might have been a larger dam in Oregon.
Initially, investigators were not able to point out the way hackers infiltrated the network. They are believed to have gained access to the dam through a cellular modem, although other details aren’t offered. Hackers didn’t actually take control of the dam but probed the security system. The Bowman Avenue Dam is believed to be the dam attacked by hackers in the incident.
U.S. Intelligence agencies noticed the attack while monitoring computers they suspected were linked to Iranian hackers involved in attacking American targets including Captial One, PNC Financial Services, Sun Trust Banks and others. One of those machines was apparently crawling the Internet in search of U.S. industrial-control systems.
Ultimately, the attackers did not pursue any other actions against their initial target. It’s not known at this time whether other dams or infrastructure targets were probed during the attack.
According to the Journal, the U.S. has more industrial-control systems connected to the Internet than any other country at more than 57,000. Security experts believe that companies have done little to protect them against cyberthreats.
The Journal’s entire report on the matter is available at the source link.