Critical infrastructure vulnerable to simple cyber-attacks

Fri, 18 Jan 2013 15:47:00 +0000

Spearphishing -- the technique by which hackers gain access to computer networks through sending misleading, malicious emails which users click on -- is a risk to more than just small computer networks. According to the New York Times' "Bits" blog, critical infrastructure like "watersheds, power grids, oil refineries and nuclear plants" are vulnerable to spearphishing attacks.

"Spearphishing is so easy to deploy and effective that 91 percent of targeted attacks start with malicious e-mails, according to TrendMicro, a computer security firm with headquarters in Tokyo. But that same method could be used to harm utilities, power plants, gas pipelines and watersheds," wrote Nicole Perlroth.

In a demonstration to test the vulnerability to such an attack at power plants and oil pipelines, Tyler Klinger, a security researcher at Critical Intelligence sent targeted emails -- the sort that might conceal a spearphish -- to control room supervisors and engineers. The emails were easily accessible through LinkedIn and sales team contact sites.

Salon.com > pipelines

Critical infrastructure vulnerable to simple cyber-attacks