Why Do Hackers Hack?

Cybersecurity should be a major concern with respect to all plant systems.

Yet, according to Allan Evora of systems integrator Affinity Energy, Charlotte, NC (affinityenergy.com), some owners of mission-critical facilities may be ignoring the issue when it comes to SCADA and other human-machine interfaces. After all, they reason, who would want access to that type of information in the first place? As Evora wrote in a recent blog post on his company’s website, “There are quite a few reasons.” They include:

Valuable information outside a facility. The hack could have nothing to do with the facility and everything to do with the big picture. Consider a central energy plant (CEP) connected to a hospital network. The hacker could be looking for an easy avenue into that network. The hospital network could be heavily protected, but the CEP’s avenue into it might not. Protected health information, such as birth dates, social security numbers, and addresses, commands high prices on the black market.

Valuable information inside a facility. The hack could have everything to do with the facility. Information on the amount of energy being produced or the level of environmental contaminants being introduced into the atmosphere can also be valuable. Hackers also could be looking for insider-trading information to sell, or seeking data for anti-government or green-activist organizations.

Sabotage. Activist hackers (hacktivists) could be looking to sabotage an organization’s business practices to send a message. Or, for power-gen or utility operations, they might be looking for an easy way to disrupt the entire grid.

Exploitation. If a system is important to a site’s daily operation, it’s at risk. A hacker who can gain access to and install ransomware within the system can have a significant impact on business finances.

Random, dumb luck. Hackers use network scanners to find ports that are open across the internet. There are also well-known websites that list IP-enabled devices that are discoverable on the internet. Even when trying lists of commonly used usernames and passwords, hackers might not know what organizations they are hacking. They’re simply attacking a potential vulnerability. If network ports happen to be open, they’ll get in, find valuable data, install malware to keep tabs on the operation to see if any new exciting information comes in, and then get out.

“In general,” Evora noted, “most hackers just care about the valuable information they find on your network that they can sell on the black market.” Click here to read his recommendations for combating the problem. EP

Allan Evora is president of Affinity Energy, Charlotte, NC (affinityenergy.com).