Undercover hacking threats used to be just a Hollywood storyline. However, according to one tech researcher, they may be more real than we previously thought.
Last December, a decoy water control system, designed to look identical to a U.S. municipal water system, was attacked by the Chinese hacking group ATP1. According to Trend Micro researcher Kyle Wilhoit, who presented the research at the Black Hat conference in Las Vegas, 12 similar decoy systems in other countries were subject to 74 attacks between March and June of this year.
For IT execs in government and other public service utilities, this research is the stuff of nightmares. Wilhoit’s work showed that the group that initiated this attack was more interested in design information than sabotage, but they took a route that could also be used to destroy the essential components of the water control system. Other similar hacking groups, more interested in destruction than ATP1, apparently attack with little regard for the consequences of their actions; without specific design documents of the systems they’re invading, these hackers can only make their best guess at what their attempts will do.
For now, Wilhoit says these groups are most interested in small public utilities, although as they hone their skills they may begin to target larger enterprises. None of the attacks he identified showed a high level of sophistication, suggesting that the hackers are still refining their strategies before initiating more significant attacks.
Do you think this threat is ripe, and we need to be wary of attacks on government systems? Or is this just premature hype?