The Tech Herald

DHS: Anonymous lacks the skill to harm ICS stability

by Steve Ragan - Oct 18 2011, 17:25

An NCCIC (National Cybersecurity and Communications Integration Center) bulletin issued in September, which was released by PublicIntelligence.net on Monday, reveals that Anonymous has taken an interest in Industrial Control Systems (ICS)... but that’s about it.

Actual harm to ICS stability is limited, the NCCIC notice outlines, because Anonymous apparently lacks the skill to target anything other than Web-facing applications and access.

“The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting industrial control systems (ICS). While Anonymous recently expressed intent to target ICS, they have not demonstrated a capability to inflict damage to these systems,” the bulletin relays.

“Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web-based applications and windows systems) by employing tactics such as denial of service. Anonymous’ increased interest may indicate intent to develop an offensive ICS capability in the future. ICS-CERT assesses that the publically available information regarding exploitation of ICS could be leveraged to reduce the amount of time to develop offensive ICS capabilities. However, the lack of centralized leadership/coordination and specific expertise may pose challenges to this effort.”

Instead of targeting ICS, the NCCIC memo adds that Anonymous has instead opted to embarrass and harass its targets, “using rudimentary attack methods, readily available to the research community.”

The DHS memo singles out OpMonsanto, where Anonymous attacked the company for two days straight, “crippling all 3 of their mail servers as well as taking down their main websites world-wide.”

Moreover, the OpMonsanto campaign targeted information, collecting the personal details on more than 2,500 company employees, even suggesting a backdoor left on one of the systems pointed to IRC [source].

The second item the DHS focused on was a Twitter message that published the results of “browsing the directory tree for Siemens SIMATIC software.”

“The posted xml and html code reveals that the individual understands the content of the code in relation to common hacking techniques to obtain elevated privileges. It does not indicate knowledge of ICS; rather, it indicates that the individual has interest in the application software used in control systems,” the bulletin explained.

In addition, the XML and HTML code included the administration code used to create password dump files for an interface control product from Siemens.

“The code also contained OLE for Process Control (OPC) foundation code that is used in server communication with control system devices such as programmable logic controllers, remote terminal units, intelligent-electronic devices, and industrial controllers.”

While the information looks damning, the DHS doubts that it was serious, noting that the information did not indicate actual ICS compromise, but rather that the person posting the details knew enough about ICS to release information capable of grabbing attention and causing panic.

“The information available on Anonymous suggests they currently have a limited ability to conduct attacks targeting ICS. However, experienced and skilled members of Anonymous in hacking could be able to develop capabilities to gain access and trespass on control system networks very quickly.

“Free educational opportunities (conferences, classes), presentations at hacker conferences, and other high profile events/media coverage have raised awareness to ICS vulnerabilities, and likely shortened the time needed to develop sufficient tactics, techniques, and procedures (TTPs) to disrupt ICS.”

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Knight Rider Back as a Renault Van

  Renault have released a video featuring the new Renault Trafic van in a remake of the...

2014 AUTOBACS GT Round 6 1000km GT500 Pictures

We have added some great pictures from the 2014 AUTOBACS GT Round 6 43rd International ...

Car Games Update August 30th

We have added a few new games to the car games section of Autosaur. First up is the Car Eats...

2015 Toyota Tundra TRD Pro Prices

Toyota have announced prices for their 2015 Tundra TRD Pro, based on the Tundra it includes ...

2015 Toyota Tundra TRD Pro Pictures

Toyota recently announced prices for the 2015 Toyota Tundra TRD Pro. We have added some...