Hello! Have you read the news report from Canada? The government reported that some hacktivists (which means people who hack for a cause) breached some systems in both the water sector and the energy sector. That means individuals were able to access systems that then affect operations including water pressure systems in a municipal system and also energy supply.
According to the Canadian Centre for Cyber Security (CCCS), there were three separate incidents:
• One was a water treatment plant where hackers manipulated the water pressure of the service and shut down the service for local residents.
• One was an oil and gas facility that operated an Automated Tank Gauging (ATG). Hackers manipulated the ATG and created false alarms.
• The third and last incident was related to a farm where hackers were able to change the temperature and humidity in a grain dryer which could have ruined a grain crop.
• These systems utilize the internet to control machines (also known as ICS, OT systems). If it is not well protected, a hacker can gain access relatively easily.
• These attacks affect water, oil, and farms - basic everyday needs.
• Even minor modifications like fake indications or incorrect settings can create major disruptions or difficulties afterwards.
So yes, it is an important issue.
• Know what is using the internet. If it does not need to be connected to the internet, turn it off.
• Use a VPN and two-step log-in for remote access.
• Keep systems updated.
• Use a firewall and intrusion detection so you identify possible intrusions early.
• Report information to relevant authorities (like the CCCS or your local cyber division) that seems unusual or suspicious.
I have always believed that systems like water and energy are the "unsung heroes" of everyday life. They are not showy, but we use them daily. After seeing hackers tamper with them, I think we really need to take cybersecurity seriously.
What Happened
The EventsAccording to the Canadian Centre for Cyber Security (CCCS), there were three separate incidents:
• One was a water treatment plant where hackers manipulated the water pressure of the service and shut down the service for local residents.
• One was an oil and gas facility that operated an Automated Tank Gauging (ATG). Hackers manipulated the ATG and created false alarms.
• The third and last incident was related to a farm where hackers were able to change the temperature and humidity in a grain dryer which could have ruined a grain crop.
Who Did This, and Why?
The CCCS stated the hackers were hacktivists, not state-sponsored hackers or professional spies. It does not appear they wanted to destroy anything; they just wanted to get publicity, promote fear, and sow distrust in the important systems.Why This Is Important
You might think, "I don't work in water or energy, I don't care" - this affects all of us. Here's why:• These systems utilize the internet to control machines (also known as ICS, OT systems). If it is not well protected, a hacker can gain access relatively easily.
• These attacks affect water, oil, and farms - basic everyday needs.
• Even minor modifications like fake indications or incorrect settings can create major disruptions or difficulties afterwards.
So yes, it is an important issue.
What Can Be Done
Even if you do not operate a power plant you can learn something. If you own or use a smart device or any Internet of Things (IoT) system, there are a few simple steps any owner can take:• Know what is using the internet. If it does not need to be connected to the internet, turn it off.
• Use a VPN and two-step log-in for remote access.
• Keep systems updated.
• Use a firewall and intrusion detection so you identify possible intrusions early.
• Report information to relevant authorities (like the CCCS or your local cyber division) that seems unusual or suspicious.
I have always believed that systems like water and energy are the "unsung heroes" of everyday life. They are not showy, but we use them daily. After seeing hackers tamper with them, I think we really need to take cybersecurity seriously.
