Jan 02, 2017

Net threat security concern

Net threat security concern

There were two lessons coming out of a recent cyber security course attended by Townsville-based engineering consultants Thorburn Australia.

The first lesson was there are major companies and utilities exposed to hacking.

The second lesson was always turn off your WiFi.

Shane Thorburn returned from the Edith Cowan University course more than a little concerned.

“If you know what you’re looking for it will find the IP address and hook you up to the PLC (Programmable Logic Controllers used in manufacturing processes),” he said.

“If the site is not protected, you can do what you like.

“We have found chemical and other sorts of plant exposed to hacking. The biggest one was a 17MW wind farm in Ireland that had the capacity to service 6000 homes.

“It (access to the PLC) was sitting on the internet and anyone could have turned it off , changed frequency or the changed the voltage.

“We made contact to warn them about it.”

The business specialises in control systems as well as general electrical and instrument engineering.

“We learnt to ‘fingerprint’ systems to identify them, apply and exploit and then defend them from such attacks,” Mr Thorburn said.

“It was crazy how easy some systems are to break into. This sort of information is getting more and more valuable.

“If the payoff is a million dollars worth of secrets for a company it might be worth a year’s hacking.”

Cyber security was mentioned as part of functional safety (AS61508) and now appears in vendor manuals for control systems. Cyber security was also emerging in audits, Mr Thorburn said.

On an individual level the least you could do to protect your system was turn all the wireless connec ons off when not in use, he said.