Poorly defended Scada systems offer rich pickings to crime gangs, warns Kaspersky.
Hackers are helping to steal commodities including coal, petrol and grain as criminals turn their attention to attacking industrial control systems.
Industrial control systems have run production lines and other processes for decades, but are now being connected to the internet to allow them to be monitored remotely. But as these systems were not designed with this online connectivity in mind, they are often much harder to secure from hackers, making them a tempting target for gangs.
Eugene Kaspersky, CEO of security company Kaspersky, said attacks on industrial control systems and Supervisory Control And Data Acquisition (Scada) systems are on the rise.
For example, he said gangs were hacking systems that control the temperature of petrol – which affects the volume – so that they could fit more into tankers. “So when they fill their big tank they hack the Scada system and they decrease the temperature so they can get extra petrol into the tank,” he said. After making deliveries to petrol stations the tanker is left with extra petrol, he said.
“At the end of the day they have two or three percent extra left,” he said, speaking at the Cloud Expo Europe event in London.
A similar trick, he said, was being used by criminals to steal coal by hacking into the system that weighs how much coal is loaded into wagons.
“They steal the coal by hacking the computer systems,” he said.
“Traditional crime is getting more and more smart and cyber,” he said. One problem with investigating these crimes is that they fall in between specialised cybercrime units and standard police, he added.
The security of industrial control systems has long been a concern to governments, who worry that critical national infrastructure could be damaged by digital attack. And as well as criminals exploiting insecure industrial systems, Kaspersky said there is a danger that terrorists will try to do the same.
“Traditional crime employs cybercriminals, hackers to attack systems. I’m afraid it is just a question of time [before] terrorists will employ computer geeks to attack critical infrastructure and I am afraid there are people in the cyberspace who will do anything you want for money,” he said, pointing to the recent ransomware attacks which hit hospitals in the US and Europe. “Don’t think that the computer geeks, the cyber criminals, are good guys,” he warned.
Kaspersky also said that professional criminal groups, mostly Russian-speaking, now have the same level of complexity as state-sponsored attackers.
He said, in one example, three gangs had worked together on attacking a bank: one gang cracked the bank and gave access to the bank network to the second gang, the second gang took the money out and the third gang collected the cash.
“They work like an enterprise – they have management, they have engineers, they have lawyers, because they have enough money to pay for the best lawyers,” he said.