Inside a Government Hacker Defence Drill
Breaching copyright laws is a thing of the past, forget it. Instead, take a look at this US Government Hacking Defense Drill. The aim of this? To defend against malicious hacker terrorism! Every day, drills like this take place across government research labs in an effort to defend against attacks on corporate computer systems that control electricity plants, chemical factories, pumping systems and anything else that could cause harm if it were taken over by a terrorist group (and group in this sense refers to anything from a small team of hackers to a large international terrorist organization). The United States Department of Homeland Security has stated that attacks do in fact occur and are ongoing, with hackers “kicking on the doors” of industrial systems.
In this video (via CNN) there are two teams battling it out in a simple attack and defense exercise. The red team is trying to take over the chemical plant, and the larger blue team is trying to defend against the mock attack. The exercise takes place in a lab in Idaho, which houses a mock-up chemical plant, with a computer system monitoring and controlling the valve and pump systems for the plant.
The aim of this defense drill is to protect against the four stages of typical security breaches that a corporation could face, namely Phishing Attacks, Toeholding, Subversion and Man in Middle.
1 – Phishing Attacks
Phishing attacks aim to exploit trust. Many of us have received fraudulent emails asking for personal details in a shoddy attempt to “phish” personal details from us. Experienced hackers would not have much trouble with this aspect of the attack. A fraudulent email would be received from an expected email address. In this example, the attackers recognized that the system was most likely to be secure, and that their way into the system would probably be through human error. Executives within the company are likely to have access to information on productivity, system logins and other important information.
2 – Toeholding
In this exercise, the chosen method to breach the security system was a phishing attack. The red team sent a fraudulent email to an executive of the company (from a seemingly legitimate email account). The email featured a link which, when clicked, initiated the toeholding phase of the hack. The toeholding phase can also be referred to as “getting your foot in the door”, which is commonly used by hackers when stealing confidential information or financial information.
3 – Subversion
Once the foot is in the door and the toehold process has been initiated, the red team is able to view almost anything they wish to. They soon discover the surveillance cameras in the chemical plant’s control room and take them over, disabling them for the blue team and any third-party security team that may be monitoring the plant’s performance visually. Similarly, the red team could simply remain discreet in the system and observe the staff and hardware available to the blue team. Through observation they could gauge working times, physical security, control panels, mechanical devices and even gather information that could benefit them in a secondary attack. Should an attack be launched by the red team, they can also observe their opponents’ reactions and hedge against them.
4 – Man In Middle
Sophisticated hackers can place their system neatly between the blue team operators and the machines they are trying to control. They could at any moment decide to take over both operator and machine, or they could decide to listen to the activity going on between the operator and machine. Should they decide to override both, they would have control of the plant system, controlling valves and pumps, while at the same time sending data back to the operator to let them know that everything is running fine. The Man in Middle attack is the full manifestation of a hack, and the operator may not find out that the system has been infiltrated until it’s too late.
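A defender's view of that last stage, as an added example that is not from the drill or the CNN report: the controller authenticates every status frame with an HMAC and a sequence number, so the operator station can tell a rewritten or replayed "everything is fine" reading from a genuine one. The key, the frame layout and all names here are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment provisions a per-device secret.
DEMO_KEY = b"constructed-demo-key-not-for-production"


def sign_frame(key, seq, readings):
    """Controller side: serialise the readings and append an HMAC-SHA256 tag."""
    body = json.dumps({"seq": seq, "readings": readings}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "tag": tag}


class OperatorStation:
    """Operator side: accept a frame only if it is authentic and fresh."""
    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, frame):
        body = frame["body"].encode()
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        # Constant-time comparison; a mismatch means the frame was altered or forged.
        if not hmac.compare_digest(expected, frame["tag"]):
            return "rejected: bad tag"
        seq = json.loads(body)["seq"]
        # A sequence number that does not advance indicates a replayed frame.
        if seq <= self.last_seq:
            return "rejected: replayed"
        self.last_seq = seq
        return "accepted"


def demo():
    station = OperatorStation(DEMO_KEY)
    genuine = sign_frame(DEMO_KEY, 1, {"valve_1": "open", "pump_1_rpm": 1450})
    results = [station.accept(genuine)]
    # Frame rewritten in transit; the tag no longer matches the body.
    altered = dict(genuine, body=genuine["body"].replace("open", "closed"))
    results.append(station.accept(altered))
    # An old genuine frame sent again to keep the display looking unchanged.
    results.append(station.accept(genuine))
    return results


if __name__ == "__main__":
    print(demo())
```

Authentication only detects tampering on the wire; it does not help if the controller itself or the shared key has been compromised.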
News Source: edition.cnn.com