Skip to main content
  1. Home
  2. Computing
  3. News

Hackers can take over nuclear power plants thanks to Industrial Ethernet Switches

Lulu Chang
By

faa bans drone flights over nuclear sites plant
Thought large government agencies were the most alarming entities to fall victim to a cyberattack? Think again. According to new research set to be fully released at the Black Hat cybersecurity conference in Las Vegas next week, Industrial Ethernet Switches (IES), which are responsible for maintaining the internal networks of today’s factories, refineries, ports, and other industrial organizations, are vulnerable to hackers and cyberattacks. As the Daily Dot reported, these lapses in security could allow ill-intentioned individuals to “gain access to the network, take full control, and cause potentially fatal damage.” But don’t worry — researchers and scientists may or may not be working on fixing that.

The IES, which are rarely used in the everyday home setting but are commonplace in large-scale operations, especially those that could cause catastrophic damage in the case of a cyberattack, has a number of potential pitfalls that could prove problematic in certain scenarios. These pitfalls include the frequent use of “default passwords, hard-coded encryption keys, and a lack of proper authentication for firmware updates.” In combination with one another, these so-called “fundamental failures of security” form a hacker’s trifecta, making it relatively simple for attackers to access the systems in question.

Robert Lee, a security researcher and and active-duty U.S. Air Force Cyber Warfare Operations Officer told the Daily Dot, “Anything that the facility is capable of in its natural operating system, you’re [an attacker] capable of doing — and doing damage with if you control the network. With a power station, you can have major repercussions. With a hydroelectric dam, if you don’t monitor processes in a normal situation, it’ll spin out of control. Everything you have can be manipulated.”

Related

While Lee is working with risk researcher Eireann Leverett to address these shortcomings and assuage public fears about such issues, the process is an arduous one. Leverett told the Daily Dot, “All these vulnerabilities are pervasive and endemic. Most vendors haven’t done the basics,” particularly because when the equipment was initially installed, many of today’s threats were simply not yet present in the cybersecurity landscape.

But now that hackings have grown ever more common and robust, the time is rife for a complete security overhaul, especially among companies and infrastructure that need it most. “What we don’t have is awareness,” said Lee. “There is a massive lack of security awareness in the industrial control systems community,” and that’s where attention needs to be focused first.

Editors' Recommendations

Topics
Hackers are trying to sell a haul of more than 73 million user records
Hands on a laptop.
Nintendo Switch hacker faces jail time and a hefty fine
Nintendo Switch review
NFL: Multiple teams’ social media accounts targeted by hackers
The NFL's Daniel Sorensen tries to tackle Darren Waller
Hackers demand $6M from largest retail currency dealer in ransomware attack
worlds largest retail currency dealer hit by ransomware attack travelex
Adobe Free Trial: Try Creative Cloud for free
Close up of Adobe Photoshop app icon being chosen from among other Adobe apps on a laptop screen.
IPVanish Free Trial: Try it for a month, no strings attached
The IPVanish VPN logo on a black background.
How this new Quest VR app totally sold me on exercising in virtual reality
Playing a fitness game in VR with the Quest Pro.
Walmart shoppers are loving this $159 11.6-inch 2-in-1 laptop
The Gateway Notebook 2-in-1 laptop shown in laptop mode and tent mode.
1-day sale drops this gaming laptop with an RTX 3050 Ti to $550
lenovo ideapad gaming 3i deal october 2022
Google may have just fixed Chrome’s most annoying problem
A Macbook with Google Chrome opened to a Gmail inbox.
Norton Antivirus Free Trial: Get a week of protection
norton antivirus free trial logo
ABCMouse Free Trial: Get your first month free
abc mouse cheap subscription deal free trial abcmouse 1stg animation grammar rgb
Microsoft Word Free Trial: Get a month of service for free
A person using MS Word.