Cyber Security Story Time - By Amy Williams

By Unlimited Technology | Jun 14, 2019

Don’t Be Ali

It’s now been a year since the blackout. On day one, everyone assumed the weather was to blame, as the heat had been unbearable even by Phoenix standards. However, by day two, clues had emerged that something more sinister was afoot – the outage was intentional. Despite limited means of communication, rumors spread quickly and terror set in.

Imaginations were running wild with what might happen next and formerly law-abiding citizens began breaking into homes and stores searching for medication, food and most of all, precious water. By day four, clean water was no longer available without the electric generators necessary to pump water into the towers. Within five days, over 100 deaths were confirmed. Many were the result of heat exhaustion, but violence was also to blame. All businesses were closed and shop owners who were still in town began using guerilla tactics just to keep their properties from being destroyed by people desperate for supplies.

In less than a week, the outage had cost the area billions. Rescue missions from beyond were in full force but gas pumps weren’t working and the airport was closed, hindering efforts. Anyone who could, fled the area. The only good news was that hospital generators held up despite operating at max capacity.

Jay Roberts, Acme Power’s security manager, notified the FBI on day two that a security breach was suspected. Jay then called in Beth Billingham’s forensics team to do an analysis. Mercifully, the point of the breach was identified and patched on day seven, but it took two months to piece together how the attackers got in.

“Truly remarkable,” Beth muttered as the final clue came into focus. Tracing backward, she determined that the attackers began by probing the networks of Acme Power’s suppliers and partners for possible vulnerabilities to exploit. Apparently, the starting point was an attack on Electric Learning (EL), a website that offers technical content to engineers. The network was poorly secured, allowing the attackers to watch traffic. When Ali Warren, an employee from All-Star Engineering, logged into EL, the attackers were able to capture his log-in credentials. Next, they guessed that Ali’s EL ID and password were also his work ID and password, and they were right. The hackers now had full access to Ali’s email account. Pretending to be Ali, the attackers sent messages to his contacts, including power company contacts, phishing for sensitive information. The attackers scored enough information to infiltrate several small utility companies, which were then used to launch attacks on the entire grid. Beth heaved a weary sigh. “This is exactly why you don’t use the same ID and password for multiple accounts.”

Notes: The names are changed, but this attack actually happened in another part of the country. Fortunately, it was caught before the dire circumstances described here played out, but the sequence of events in the attack is real, and the consequences of the attack could have actually happened as well, all because someone reused the same email address and password everywhere. Don’t be Ali. Small changes make a big difference for everyone, and we all play a part in security. Also, talk to your company about using multifactor authentication if they don’t already do so. Contact us if your company needs help reducing its attack surface.
