News


Botnets, zombies and industrial security

January 2016 News

“A ‘bot’, short for robot, is a type of software application that performs tasks on command, allowing an attacker to take complete control remotely of an affected computer. The compromised machine may also be referred to as a ‘zombie’. A collection of these infected computers is known as a ‘botnet’.”– nacha.org.

Revolution - Eric Knapp, global director cyber security solutions, Honeywell Process Solutions

The ‘Internet of Things’ is exploding. Our IoT world is growing at a breath-taking pace, from two billion objects in 2006 to a projected 200 billion by 2020. That will be around 26 smart objects for every human being on Earth!

The image on this page is neither a virus, nor a cross-section of a zombie brain, it is a map of the Internet representing well over three billion connected users. Each user is represented by several devices e.g. they have a personal PC, business laptop, a smartphone, etc. The number of devices is growing at an exponential rate. The Internet is becoming ubiquitous. It is becoming pervasive. Some might say it’s even becoming invasive.

A guide to industrial cyber espionage

As the Internet surged into our personal and business lives, a threat followed hot on its heels – a threat to our privacy and safety.

In 2010 (http://www.instrumentation.co.za/article.aspx?pklarticleid=6957) Stuxnet struck the industrial cybersecurity gong. At the time, it was ground-breaking ... it was another revolution. Simple viruses gave way to complex, sophisticated, intelligent malware that was able to penetrate an air gapped network, infect logic controllers in a very targeted and precise way and manipulate industrial control processes in such a way that it caused physical damage. It caused a significant setback to the Iranian nuclear programme.

In June 2014 (http://www.instrumentation.co.za/8303a) a cyber espionage group, widely known as ‘Dragonfly’, actively targeted energy suppliers in predominantly Western countries. Dragonfly stole a lot of information. We are still not sure exactly how much information they stole or why they stole it. Unlike a lot of stolen information, this particular intellectual property has not surfaced yet. We don’t know why anyone took it. It could have been an academic exercise or it could be something much more sinister.

Why does the cyber threat exist?

The answer is simple. It’s about money. It is not about Euros or Dollars or Yen. It’s about Bitcoins – virtual currencies that have evolved in the digital age to allow anonymous transactions – transactions of the type where you can do almost anything:

• You can buy information if you need it.

• If you cannot create the malware yourself, you can have somebody else create it for you as a ‘service’.

• If you cannot access the network you need, you can buy your way in.

Personal cyber espionage – Raj Samani, chief technology officer (EMEA), Intel Security and advisor to The Europol Cyber Crime Force

What McAfee decided to do was test the allegations made in the paragraph above. One of the questions asked was, “What happens to the data after it is stolen?”

A research team conducted a study called ‘The Hidden Data Economy’ with the goal of understanding:

1. What happens after a data breach?

2. Does the data actually become available for selling?

3. If so, what data becomes available?

When the team started the research they expected to find credit card details. When they published the research the feedback that they received most often was, “You’re being ripped off. I can buy credit cards much cheaper than you.”

But, how does one know the services being offered are ‘trustworthy’? It is like any modern online business. If one buys a stolen credit card and it does not work, don’t worry, because you’ll get a free replacement.

One particular criminal enterprise investigated was offering a free customer service chat window, just in case you didn’t know how to perform the hack yourself – a criminal syndicate that actually gives you a free help desk!

Industrial espionage – understanding the adversary

Not only are vulnerabilities and direct access into the IT networks of large organisations being sold, but criminals are also selling direct access into operational technology.

First of all, we are up against an adversary who hacks and then provides that information to anybody willing to pay. An example is Cryptowall – a form of ransomware. If a computer is infected, the ransomware will encrypt all of the data on the computer. Not only that, it will also encrypt all of the data that you are connected to. So, if a computer uses shared drives and is connected to a company’s servers, it will encrypt those files as well.

To de-crypt that information, i.e. to get the data back, the user has to pay a ransom, somewhere in the region of about two Bitcoins (approximately US$400-500). A recent study showed that the Cryptowall Version 3 (by itself) netted the criminals US$235 million – a very conservative estimate. Since the research was completed it is estimated that the revenue could have doubled or tripled. That is just the revenue from Cryptowall Version 3.0.

The full article can be viewed at http://instrumentation.co.za/+J462



Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Reinstatement opportunity for ECSA registration
News
In 2023 the Engineering Council of South Africa (ECSA) announced a special opportunity for engineers in South Africa to reinstate their registration status if it had been cancelled. This exclusive offer is available until the end of August 2024.

Read more...
Festo 100th Anniversary: Celebrating a century-long legacy of innovation and commitment
News
Festo has officially begun celebrating 100 years of groundbreaking technology, commitment and enduring partnerships. To kick off this historic milestone celebration, their Customer Innovation Day and ThankYou Party series brought together customers, partners and employees to reflect on their journey and look ahead to an

Read more...
Bearings International fosters dynamic customer partnerships
News
Bearings International has consistently set the benchmarks in innovation and excellence as a leading distributor of bearings, power transmission and interconnected mechanical consumables that sustainably facilitate and optimise operations for mining and industrial customers across Southern Africa.

Read more...
Innomotics and Danfoss Drives strengthen partnership to deliver comprehensive motor and drive solutions
News
Innomotics and Danfoss Drives have announced the next phase of their strategic, non-exclusive partnership. This collaboration is designed to meet the growing demand for comprehensive motor and drive solutions, ensuring customers receive high-quality, efficient and compatible products

Read more...
Africa’s industrial revolution accelerates
News
As Africa undergoes a rapid industrial transformation, AATF Connect 2025 emerges as the premier platform to showcase innovation, drive collaboration, and spark discussions that will shape the continent’s industrial future.

Read more...
From the editor's desk: A good servant and a bad master
Technews Publishing (SA Instrumentation & Control) News
In our new AI-generated world it was inevitable that the Nobel Committee would have noticed. And last November two pioneers of artificial intelligence, John Hopfield and Geoffrey Hinton, won the Nobel Prize ...

Read more...
Festo 100th Anniversary: Celebrating a century-long legacy of innovation and commitment
Festo South Africa News
Festo has officially begun celebrating 100 years of groundbreaking technology, commitment and enduring partnerships. To kick off this historic milestone celebration, their Customer Innovation Day and ThankYou Party series brought together customers, partners and employees to reflect on their journey and look ahead to an exciting future.

Read more...
German Chancellor visits Beckhoff at Hannover Messe
Beckhoff Automation News
As part of the traditional Hannover Messe opening tour, Federal Chancellor of Germany, Olaf Scholz visited German company, Beckhoff Automation. Hans Beckhoff, managing director and owner of Beckhoff Automation, presented his company and its comprehensive expertise in the field of software and AI.

Read more...
Iritron celebrates 25 years of excellence
Iritron News
When Iritron, a leading provider of engineering and industrial solutions was founded in 2000, it was on the principles of exceptional service and lasting part-nerships. Today, Iritron has grown from a small team of four into a company of over 120 employees, serving clients across South Africa and beyond.

Read more...
A racing partnership
SKF South Africa News
In one of motorsport’s most demanding arenas, a partnership forged in engineering precision and high-performance ambition has proven its worth. SKF, a global leader in bearing technology and innovation, celebrated a remarkable milestone in partnership with SVR Toyota GAZOO Racing, taking second position overall at the 2025 Dakar Rally.

Read more...