FBI and DoD Warn of Iran Hacking Operational Technology

Just to make sure we are all on the same page, operational technology or OT is like Internet of things (like your Siri) but for your local power plant or water supply. No, it doesn’t play rock music, but it automates a lot of manual processes that make these plants run safely and, in some cases, just plain run.

So, since I assume you want the lights to work in your house and office and there to be water when you turn the faucet, this is kind of important.

Iran-linked hackers are going after Internet connected OT, which is, pretty much, all of it these days. Since each vendor’s hardware works differently, they picked two of the largest vendors in the world – Allen Bradley and Siemens.

While the feds are being tight lipped about who, specifically, got compromised, we do know from other reports that the Minot, ND water treatment plant (which serves the Minot Air Force Base, which has NORAD missiles) was hacked. The same group hacked the St. Joseph County, Indiana IT infrastructure. They also wiped a reported 200,000 devices at Stryker Medical. These last two are traditional IT systems. The first one is OT. We will find out more over time, but this is what we know right now. The fact that the FBI AND the Pentagon put out an alert means that there is active hacking now.

The FBI wants companies to disconnect from the Internet, but if they do that they pretty much might as well turn off the water and the lights. You just can’t do that anymore.

Iran has figured out that they can still do a lot of damage by turning off the water and lights and other critical infrastructure (Stryker makes medical supplies and devices that doctors and hospitals use) and it appears that it is easier to do than we would like.

If you have any OT devices connected to the Internet, now would be a good time to secure them and if you need assistance, please contact us. Credit: The Record

by