Breaking the Illusion: How some CEOs’ Perceptions of Hacking Differ from Reality
Hollywood has given us an unrealistic (with the exception of Mr. Robot) and exaggerated portrayal of hacking in movies and TV shows. From the fast typing and flashy graphics to the unrealistic speed and ease of breaking into secure systems, the depiction of hacking in media is often far from reality. In real life, hacking is a complex and often painstaking process that requires a deep understanding of technology and security systems. Furthermore, the consequences of real hacking can be far more severe than what is depicted in the movies, often leading to significant financial, legal, and reputational damage. In this sense, it is important to understand the realities of real hacking, and how it differs from the flashy and unrealistic portrayals we see on the big screen.
There have been many cyber attacks on industrial networks throughout history, and attackers have used a variety of methods to gain unauthorised access and cause damage.
Here are 10 real-life examples of cyber attack methods on industrial networks, along with a brief explanation of what caused the attack:
Stuxnet was created by a joint effort between the US and Israel as a cyberweapon to target Iran’s nuclear facilities. The attackers used a variety of techniques, including exploiting zero-day vulnerabilities in the Siemens SCADA system and disguising the malware as legitimate software.
NotPetya was initially spread through a malicious software update for accounting software used by Ukrainian companies. It was later able to spread to other organizations through a backdoor in the software. The attackers were likely Russian, and the attack was believed to be politically motivated.
WannaCry was able to spread rapidly due to a vulnerability in Microsoft Windows that was exploited by the attackers. The attackers used a worm-like mechanism to spread the malware, which was initially delivered through phishing emails.
The attackers behind Triton were able to gain access to the plant’s safety systems by exploiting a vulnerability in the Triconex Safety Instrumented System. The attack was believed to be the work of a state-sponsored actor, although the identity of the attackers is unknown.
The attackers behind Dragonfly used phishing emails to gain access to the targeted organizations’ networks. They then used a variety of techniques, including the use of Trojan malware and backdoors, to gain access to sensitive systems and data.
Industroyer targeted Ukraine’s power grid in 2016. The attackers were able to gain access to the power grid’s control systems and cause a widespread blackout by disabling circuit breakers. The attack was believed to be politically motivated.
BlackEnergy was a malware that was used to attack Ukraine’s power grid in 2015. The attackers were able to gain access to the power grid’s control systems through spear-phishing emails and then used the malware to cause a widespread blackout.
Operation Aurora was a series of attacks against several large companies, including Google and Adobe, in 2009. The attackers were able to gain access to the companies’ networks by exploiting vulnerabilities in Internet Explorer and then used a variety of techniques to steal sensitive data.
Ukrainian Power Grid Attacks:
In 2015 and 2016, Ukraine’s power grid was targeted by a series of cyber attacks. The attackers used a variety of techniques, including phishing emails and malware, to gain access to the power grid’s control systems and cause blackouts.
In 2013, Target was targeted by a cyber attack that resulted in the theft of millions of credit card numbers. The attackers gained access to Target’s network through a third-party HVAC vendor, and then used malware to steal the credit card data.
The hacking methods used in the above scenarios highlight the need for organisations to understand the realities of hacking and the disconnect between what some CEOs and to certain extend, some CISOs think and what is actually happening. This headline acknowledges that some CISOs may have a perception of hacking based on fictional depictions or outdated information. It highlights the importance of educating CEOs and other executives on the realities of hacking and the importance of investing in appropriate security measures based on current threats.