Long before the Internet was even a glint in Al Gore's eye, power stations, pipelines, dams and water-treatment plants were computer controlled over SCADA systems (supervisory control and data acquisition).
The closed systems were hard to hack. But, thanks to the Internet, many industrial control systems are now online, remotely controlled over the web, as are hundreds of thousands of security cameras, webcams, routers, smart meters and home-automation systems.
New search engines, such as Shodan, are dedicated solely to listing the IP addresses of Internet-connected devices, from web servers and routers to industrial control devices and security cameras.
Some don't even require passwords to get in. The growing number of back doors on SCADA systems is just one more headache for computer security experts.
Another is advanced persistent threats (APTs), a growing concern for governments and business because many are highly sophisticated programs, often state-backed, designed for spying or intellectual-property theft.
The more notorious attacks tend to be between governments that are hostile toward each other. The Stuxnet worm, for example, targeted Iranian infrastructure via SCADA systems.
But Canadian government, infrastructure and business are also at risk, according to a report released Monday by FortiGuard Labs, Fortinet's (Nasdaq:FTNT) Burnaby-based threat-intelligence and research centre.
"A heavily redacted memo released by CSIS in 2009 made it very clear that threats and attacks on the Canadian government and Canadian businesses is an ongoing and real threat," warns Threats on the Horizon: Canada and the Advanced Targeted Attack.
One target of these attacks is intellectual property, said the report's author, Richard Henderson, a FortiGuard security strategist.
"The bottom line is, in Canada we do a lot of technology work. There are other countries, like China, who have not developed those systems themselves to the extent that we've seen in the Western world, and they want to leapfrog 20 years, and they'll do it just by penetrating these corporate networks in Canada and stealing their corporate secrets.
"Why spend five years developing some sort of new technology when you can just launch an APT attack on some company and steal all their trade secrets?"
Common computer viruses are like vandals bent on doing indiscriminate damage. They can often be stopped with firewalls, anti-virus software and authentication (usernames and passwords).
An APT is more like a state-sponsored ninja: stealthy, patient and goal-oriented. Firewalls, anti-virus protection and authentication might not stop such sophisticated programs.
As for SCADA systems, they have been around since the 1970s and were never designed to be connected to the Internet.
Using sites like Shodan, Henderson has found IP addresses on SCADA systems that allowed him to get into devices remotely without a password and has found security cameras that could be remotely manipulated.
He was also able to get into an automated irrigation system in Eastern Canada with no login or password required and discovered he would have been able to reconfigure the system's timer, if he wanted to ruin a farmer's crop.
SCADA vulnerability also opens up the prospect of eco-terrorism or profiteering.
"Worst-case scenario is that someone gets into some sort of supervisory control oil-pipeline device, turns off a pump, turns on a pump and, all of a sudden, they have to scramble to shut down a pipeline and disrupt the flow of oil for a week or two. Right there, you've caused a spike in global oil prices. Even if it's just a few per cent, someone could really profit from that."
Ultimately, Henderson said businesses have to educate themselves and employees about ever-evolving cyber threats.
It's also a good idea to have a company's network checked by hiring a firm that can do a penetration test.
Services like Phishme.com will literally go phishing at a company to see if it is vulnerable.
The network highway: Addressing vulnerable gaps in firewalls
One of the problems with many networks is that their safeguards – firewalls, for example – are software, says Sandro Yong, co-founder of SecureEDEN Inc., which has developed an "air-gapping" hardware solution that addresses that vulnerability.
"Hackers know that you can manipulate the software to adjust the filtering settings," Yong said.
"We've redesigned the way the network infrastructure should be, where the hardware should control the data flow. Currently it's the software that controls the data flow and, as such, with the right keystrokes and the right passwords, you can open any gate."
Yong likens the typical company network, with all its individual employees connected to the company's server, to a highway shared by hundreds of cars.
SecureEDEN's air-gapping devices essentially create an individual highway for every car. The information is therefore more secure.
"You can't control hardware remotely," Yong said. "You have to physically break into the premises to gain access to our data.
"From a hacker's point of view, if I were to look into a traditional system, I would gain access to anywhere on the network as soon as I penetrate the server. If they were looking at our system from the outside in, all they would see is an empty room with no access to anything."
The company's devices are currently being subjected to hacking exercises and are not yet commercially available.